exploitDog

GHSA-ph7x-54x8-xfcg

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL.

The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL.

Ссылки

EPSS

Процентиль: 40%

0.00184

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2015-4463

CVSS3: 6.5

nvd

больше 8 лет назад

The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL.

EPSS

Процентиль: 40%

0.00184

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-434