exploitDog

GHSA-hqvm-vcjf-63x9

Опубликовано: 30 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function.

An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function.

Ссылки

EPSS

Процентиль: 53%

0.003

Низкий

6.5 Medium

CVSS3

CVE ID

Связанные уязвимости

CVE-2021-45789

CVSS3: 6.5

nvd

больше 3 лет назад

An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function.

EPSS

Процентиль: 53%

0.003

Низкий

6.5 Medium

CVSS3

CVE ID