exploitDog

GHSA-p74w-76h9-xxqv

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.

An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.

Ссылки

EPSS

Процентиль: 54%

0.00309

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2019-6513

CVSS3: 5.4

nvd

больше 6 лет назад

An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.

EPSS

Процентиль: 54%

0.00309

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-434