exploitDog

GHSA-6phm-74mw-7r5r

Опубликовано: 15 июл. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL.

The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL.

Ссылки

EPSS

Процентиль: 32%

0.00126

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2024-6738

CVSS3: 5.3

nvd

больше 1 года назад

The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL.

EPSS

Процентиль: 32%

0.00126

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-284