exploitDog

GHSA-9w2m-c6wc-48q6

Опубликовано: 08 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. This vulnerability allows attackers to gain access to the application via a bruteforce attack.

DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. This vulnerability allows attackers to gain access to the application via a bruteforce attack.

Ссылки

EPSS

Процентиль: 22%

0.00072

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-307

Связанные уязвимости

CVE-2023-49443

CVSS3: 9.8

nvd

около 2 лет назад

DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. This vulnerability allows attackers to gain access to the application via a bruteforce attack.

EPSS

Процентиль: 22%

0.00072

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-307