exploitDog

GHSA-p6qm-652f-pc2j

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.

When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.

Ссылки

EPSS

Процентиль: 98%

0.53868

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2021-20114

CVSS3: 7.5

nvd

больше 4 лет назад

When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.

EPSS

Процентиль: 98%

0.53868

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200