exploitDog

GHSA-h5h4-cjwm-9g2f

Опубликовано: 30 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.

Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.

Ссылки

EPSS

Процентиль: 82%

0.01697

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-312

Связанные уязвимости

CVE-2001-1481

CVSS3: 9.8

nvd

почти 24 года назад

Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.

EPSS

Процентиль: 82%

0.01697

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-312