exploitDog

GHSA-pf66-8v2r-m3jq

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other sensitive information via GraphQL because permission checks use an incorrect data type.

Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other sensitive information via GraphQL because permission checks use an incorrect data type.

Ссылки

EPSS

Процентиль: 69%

0.00609

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-732

Связанные уязвимости

CVE-2021-35970

CVSS3: 7.5

nvd

больше 4 лет назад

Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other sensitive information via GraphQL because permission checks use an incorrect data type.

EPSS

Процентиль: 69%

0.00609

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-732