exploitDog

GHSA-6h7w-vjm9-6785

Опубликовано: 16 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data.

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data.

Ссылки

EPSS

Процентиль: 9%

0.00032

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-284

CWE-639

Связанные уязвимости

CVE-2025-64012

CVSS3: 4.3

nvd

около 2 месяцев назад

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data.

EPSS

Процентиль: 9%

0.00032

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-284

CWE-639