exploitDog

GHSA-wj9r-vmgq-6f4j

Опубликовано: 18 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF) which allows an attacker to read any documents via the download features.

Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF) which allows an attacker to read any documents via the download features.

Ссылки

EPSS

Процентиль: 98%

0.62758

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2021-46107

CVSS3: 7.5

nvd

почти 4 года назад

Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF) which allows an attacker to read any documents via the download features.

EPSS

Процентиль: 98%

0.62758

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-918