exploitDog

GHSA-7w8x-g282-6cf2

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie.

The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie.

Ссылки

EPSS

Процентиль: 51%

0.00275

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-522

CWE-565

Связанные уязвимости

CVE-2021-28171

CVSS3: 9.8

nvd

почти 5 лет назад

The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie.

EPSS

Процентиль: 51%

0.00275

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-522

CWE-565