exploitDog

GHSA-mmc3-fc94-5jrc

Опубликовано: 19 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/.

An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/.

Ссылки

EPSS

Процентиль: 52%

0.00288

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-668

Связанные уязвимости

CVE-2022-28924

CVSS3: 6.5

nvd

больше 3 лет назад

An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/.

EPSS

Процентиль: 52%

0.00288

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-668