exploitDog

GHSA-h784-q47c-ccw7

Опубликовано: 17 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.6

Описание

Insecure Permissions vulnerability in themesebrand Chatvia v.5.3.2 allows a remote attacker to escalate privileges via the User profile name and image upload functions.

Insecure Permissions vulnerability in themesebrand Chatvia v.5.3.2 allows a remote attacker to escalate privileges via the User profile name and image upload functions.

Ссылки

EPSS

Процентиль: 18%

0.00057

Низкий

4.6 Medium

CVSS3

CVE ID

Дефекты

CWE-276

Связанные уязвимости

CVE-2024-40514

CVSS3: 4.6

nvd

около 1 года назад

Insecure Permissions vulnerability in themesebrand Chatvia v.5.3.2 allows a remote attacker to escalate privileges via the User profile name and image upload functions.

EPSS

Процентиль: 18%

0.00057

Низкий

4.6 Medium

CVSS3

CVE ID

Дефекты

CWE-276