Описание
Nablarch Incomplete Cryptography
An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors.
Пакеты
Наименование
com.nablarch.framework:nablarch-fw-web
maven
Затронутые версииВерсия исправления
< 1.5.1
1.5.1
Связанные уязвимости
CVSS3: 9.1
nvd
почти 7 лет назад
An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors.