exploitDog

GHSA-xj53-rhqx-x9x6

Опубликовано: 13 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerability

In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerability

Ссылки

EPSS

Процентиль: 44%

0.00214

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2022-2828

CVSS3: 6.5

nvd

больше 3 лет назад

In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerability

EPSS

Процентиль: 44%

0.00214

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-639