exploitDog

GHSA-m69v-fw3j-m3f7

Опубликовано: 21 сент. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading.

mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading.

Ссылки

EPSS

Процентиль: 51%

0.00283

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2023-42280

CVSS3: 7.5

nvd

больше 2 лет назад

mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading.

EPSS

Процентиль: 51%

0.00283

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22