Описание
ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuseaction parameter, which leaks the full server path in an error message, as demonstrated using the "?" (question mark) character.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:macromedia:coldfusion_fusebox:4.1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00297
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuseaction parameter, which leaks the full server path in an error message, as demonstrated using the "?" (question mark) character.
EPSS
Процентиль: 53%
0.00297
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other