exploitDog

GHSA-6whq-cc4j-9xc8

Опубликовано: 08 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.7

Описание

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected.

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected.

Ссылки

EPSS

Процентиль: 71%

0.00673

Низкий

7.7 High

CVSS3

CVE ID

Дефекты

CWE-35

Связанные уязвимости

CVE-2025-30014

CVSS3: 7.7

nvd

10 месяцев назад

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected.

BDU:2025-04843

CVSS3: 7.7

fstec

10 месяцев назад

Уязвимость программного обеспечения для управления налоговыми обязательствами SAP Capital Yield Tax Management, связанная с неверным ограничением имени пути к каталогу, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 71%

0.00673

Низкий

7.7 High

CVSS3

CVE ID

Дефекты

CWE-35