exploitDog

GHSA-cpj8-ppjf-3vrf

Опубликовано: 25 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

Planet eStream before 6.72.10.07 allows attackers to call restricted functions, and perform unauthenticated uploads (Upload2.ashx) or access content uploaded by other users (View.aspx after Ajax.asmx/SaveGrantAccessList).

Planet eStream before 6.72.10.07 allows attackers to call restricted functions, and perform unauthenticated uploads (Upload2.ashx) or access content uploaded by other users (View.aspx after Ajax.asmx/SaveGrantAccessList).

Ссылки

EPSS

Процентиль: 50%

0.00267

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2022-45891

CVSS3: 9.1

nvd

около 3 лет назад

Planet eStream before 6.72.10.07 allows attackers to call restricted functions, and perform unauthenticated uploads (Upload2.ashx) or access content uploaded by other users (View.aspx after Ajax.asmx/SaveGrantAccessList).

EPSS

Процентиль: 50%

0.00267

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-863