exploitDog

GHSA-6w4j-5cmh-9j58

Опубликовано: 03 июл. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows attackers to read an API key. NOTE: the current version is 11 as of mid-2024.

The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows attackers to read an API key. NOTE: the current version is 11 as of mid-2024.

Ссылки

EPSS

Процентиль: 26%

0.00091

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-522

Связанные уязвимости

CVE-2024-38453

CVSS3: 7.5

nvd

больше 1 года назад

The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows attackers to read an API key. NOTE: the current version is 11 as of mid-2024.

EPSS

Процентиль: 26%

0.00091

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-522