exploitDog

GHSA-xh63-f847-m5r7

Опубликовано: 28 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An issue was discovered in Docmosis Tornado prior to version 2.9.5. An unauthenticated attacker can bypass the authentication check filter completely by introducing a specially crafted request with relative path segments.

An issue was discovered in Docmosis Tornado prior to version 2.9.5. An unauthenticated attacker can bypass the authentication check filter completely by introducing a specially crafted request with relative path segments.

Ссылки

EPSS

Процентиль: 33%

0.0013

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2023-25264

CVSS3: 7.5

nvd

почти 3 года назад

An issue was discovered in Docmosis Tornado prior to version 2.9.5. An unauthenticated attacker can bypass the authentication check filter completely by introducing a specially crafted request with relative path segments.

EPSS

Процентиль: 33%

0.0013

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-287