exploitDog

GHSA-hx5m-93g9-j2jh

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user.

Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user.

Ссылки

EPSS

Процентиль: 46%

0.00233

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2020-8297

CVSS3: 4.3

nvd

почти 5 лет назад

Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user.

EPSS

Процентиль: 46%

0.00233

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639