exploitDog

GHSA-qh5q-fw44-7cp6

Опубликовано: 17 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to impact a minor integrity feature. Exploitation of this issue does require user interaction.

Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to impact a minor integrity feature. Exploitation of this issue does require user interaction.

Ссылки

EPSS

Процентиль: 80%

0.01322

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2023-44355

CVSS3: 4.3

nvd

около 2 лет назад

Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to impact a minor integrity feature. Exploitation of this issue does require user interaction.

BDU:2023-08111

CVSS3: 4.3

fstec

около 2 лет назад

Уязвимость программной платформы ColdFusion, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю обойти функции безопасности

EPSS

Процентиль: 80%

0.01322

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-20