Описание
Yana Framework before 2.8.5a allows remote authenticated users with permissions to modify a guestbook profile to modify or delete arbitrary guestbook profiles via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Ссылки
- Patch
- Vendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.8.4a (включая)
Одно из
cpe:2.3:a:yana_framework:yana_framework:*:*:*:*:*:*:*:*
cpe:2.3:a:yana_framework:yana_framework:2.8:*:*:*:*:*:*:*
cpe:2.3:a:yana_framework:yana_framework:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:yana_framework:yana_framework:2.8.2a:*:*:*:*:*:*:*
cpe:2.3:a:yana_framework:yana_framework:2.8.3a:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00531
Низкий
4.9 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
Yana Framework before 2.8.5a allows remote authenticated users with permissions to modify a guestbook profile to modify or delete arbitrary guestbook profiles via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
EPSS
Процентиль: 67%
0.00531
Низкий
4.9 Medium
CVSS2
Дефекты
NVD-CWE-noinfo