Описание
Overhang Tutor Discloses Sensitive Information due to Improper Cache-Control
An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks.
Пакеты
Наименование
tutor
pip
Затронутые версииВерсия исправления
<= 20.0.2
Отсутствует
Связанные уязвимости
CVSS3: 3.3
nvd
2 месяца назад
An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks.