exploitDog

GHSA-wmr5-hhc3-fqcx

Опубликовано: 03 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

In VeridiumID before 3.5.0, the identity provider page allows an unauthenticated attacker to discover information about registered users via an LDAP injection attack.

In VeridiumID before 3.5.0, the identity provider page allows an unauthenticated attacker to discover information about registered users via an LDAP injection attack.

Ссылки

EPSS

Процентиль: 37%

0.00157

Низкий

6.5 Medium

CVSS3

CVE ID

Связанные уязвимости

CVE-2023-44038

CVSS3: 6.5

nvd

почти 2 года назад

In VeridiumID before 3.5.0, the identity provider page allows an unauthenticated attacker to discover information about registered users via an LDAP injection attack.

EPSS

Процентиль: 37%

0.00157

Низкий

6.5 Medium

CVSS3

CVE ID