exploitDog

GHSA-q3m5-g9pg-7793

Опубликовано: 26 нояб. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 allows attackers with low-level privileges to dump user records and access sensitive information.

Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 allows attackers with low-level privileges to dump user records and access sensitive information.

Ссылки

EPSS

Процентиль: 10%

0.00034

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-65238

CVSS3: 6.5

nvd

2 месяца назад

Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 allows attackers with low-level privileges to dump user records and access sensitive information.

EPSS

Процентиль: 10%

0.00034

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-284