Описание
An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username (under which the web server is running) by triggering an invalid path permission error. This bypasses the fakepath protection mechanism.
An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username (under which the web server is running) by triggering an invalid path permission error. This bypasses the fakepath protection mechanism.
EPSS
Процентиль: 66%
0.00526
Низкий
CVE ID
Связанные уязвимости
CVSS3: 5.3
nvd
больше 5 лет назад
An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username (under which the web server is running) by triggering an invalid path permission error. This bypasses the fakepath protection mechanism.
EPSS
Процентиль: 66%
0.00526
Низкий