exploitDog

GHSA-c45j-v7f7-m96f

Опубликовано: 26 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location.

Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location.

Ссылки

EPSS

Процентиль: 15%

0.00048

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2024-46412

CVSS3: 6.5

nvd

6 месяцев назад

Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location.

EPSS

Процентиль: 15%

0.00048

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-284