exploitDog

GHSA-vpcq-q3j7-8xgp

Опубликовано: 17 июн. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler.

Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler.

Ссылки

EPSS

Процентиль: 65%

0.00486

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2022-31372

CVSS3: 7.5

nvd

больше 3 лет назад

Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler.

EPSS

Процентиль: 65%

0.00486

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22