exploitDog

GHSA-ph42-3v2x-r6x8

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

An issue was discovered in OFCMS before 1.1.3. It has admin/cms/template/getTemplates.html?res_path=res&up_dir=../ directory traversal, related to the getTemplates function in TemplateController.java.

An issue was discovered in OFCMS before 1.1.3. It has admin/cms/template/getTemplates.html?res_path=res&up_dir=../ directory traversal, related to the getTemplates function in TemplateController.java.

Ссылки

EPSS

Процентиль: 45%

0.00223

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2019-9610

CVSS3: 4.3

nvd

почти 7 лет назад

An issue was discovered in OFCMS before 1.1.3. It has admin/cms/template/getTemplates.html?res_path=res&up_dir=../ directory traversal, related to the getTemplates function in TemplateController.java.

EPSS

Процентиль: 45%

0.00223

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-22