exploitDog

GHSA-h2w7-2v8j-jgm7

Опубликовано: 11 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.

Ссылки

EPSS

Процентиль: 23%

0.00076

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-276

CWE-522

Связанные уязвимости

CVE-2025-27926

CVSS3: 4.3

nvd

11 месяцев назад

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.

EPSS

Процентиль: 23%

0.00076

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-276

CWE-522