exploitDog

GHSA-fhxr-6q8q-x43m

Опубликовано: 13 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage.

Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage.

Ссылки

EPSS

Процентиль: 52%

0.00293

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2024-25154

CVSS3: 5.3

nvd

почти 2 года назад

Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage.

EPSS

Процентиль: 52%

0.00293

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-22