exploitDog

GHSA-g359-2hjj-8pjg

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

TestLink through 1.9.16 allows remote attackers to read arbitrary attachments via a modified ID field to /lib/attachments/attachmentdownload.php.

TestLink through 1.9.16 allows remote attackers to read arbitrary attachments via a modified ID field to /lib/attachments/attachmentdownload.php.

Ссылки

EPSS

Процентиль: 54%

0.00315

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2018-7668

CVSS3: 7.5

nvd

почти 8 лет назад

TestLink through 1.9.16 allows remote attackers to read arbitrary attachments via a modified ID field to /lib/attachments/attachmentdownload.php.

EPSS

Процентиль: 54%

0.00315

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200