exploitDog

GHSA-97f9-42cr-fpvx

Опубликовано: 05 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter.

Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter.

Ссылки

EPSS

Процентиль: 27%

0.00094

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2025-51628

CVSS3: 7.5

nvd

6 месяцев назад

Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter.

EPSS

Процентиль: 27%

0.00094

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639