exploitDog

GHSA-wx2g-pjx5-v6r9

Опубликовано: 25 сент. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.3

Описание

An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attackers to access and returns all user information, including passwords

An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attackers to access and returns all user information, including passwords

Ссылки

EPSS

Процентиль: 43%

0.00207

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2024-46609

CVSS3: 7.5

nvd

больше 1 года назад

An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attackers to access and returns all user information, including passwords

EPSS

Процентиль: 43%

0.00207

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-284