exploitDog

GHSA-6xr7-62x7-7qch

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing server-side check on the file type/extension when uploading and modifying scripts.

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing server-side check on the file type/extension when uploading and modifying scripts.

Ссылки

EPSS

Процентиль: 92%

0.07753

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2018-5341

CVSS3: 9.8

nvd

почти 8 лет назад

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing server-side check on the file type/extension when uploading and modifying scripts.

EPSS

Процентиль: 92%

0.07753

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-20