exploitDog

GHSA-6w64-j998-2q4m

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to read files from the filesystem via a XXE vulnerability.

The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to read files from the filesystem via a XXE vulnerability.

Ссылки

EPSS

Процентиль: 39%

0.00171

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2017-18110

CVSS3: 6.5

nvd

почти 7 лет назад

The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to read files from the filesystem via a XXE vulnerability.

EPSS

Процентиль: 39%

0.00171

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611