exploitDog

GHSA-gjgw-rx73-rvp5

Опубликовано: 25 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).

Ссылки

EPSS

Процентиль: 56%

0.00337

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-668

Связанные уязвимости

CVE-2022-45895

CVSS3: 6.5

nvd

около 3 лет назад

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).

EPSS

Процентиль: 56%

0.00337

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-668