exploitDog

GHSA-c3wj-2vf4-295m

Опубликовано: 12 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.6

Описание

AlekSIS-Core is vulnerable to Incorrect Access Control. Unauthenticated users can access all PDF files. This affects AlekSIS-Core 3.0, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.2.0 and 3.2.1.

AlekSIS-Core is vulnerable to Incorrect Access Control. Unauthenticated users can access all PDF files. This affects AlekSIS-Core 3.0, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.2.0 and 3.2.1.

Ссылки

EPSS

Процентиль: 32%

0.00123

Низкий

5.6 Medium

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-25683

CVSS3: 5.6

nvd

11 месяцев назад

AlekSIS-Core is vulnerable to Incorrect Access Control. Unauthenticated users can access all PDF files. This affects AlekSIS-Core 3.0, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.2.0 and 3.2.1.

EPSS

Процентиль: 32%

0.00123

Низкий

5.6 Medium

CVSS3

CVE ID

Дефекты

CWE-284