Описание
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 3.8.8 (включая)
Одно из
cpe:2.3:a:ez:ez_publish:*:*:*:*:*:*:*:*
cpe:2.3:a:ez:ez_publish:3.9.0:*:*:*:*:*:*:*
cpe:2.3:a:ez:ez_publish:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:ez:ez_publish:3.9.2:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01039
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
ubuntu
около 18 лет назад
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
debian
около 18 лет назад
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9 ...
github
больше 3 лет назад
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
EPSS
Процентиль: 77%
0.01039
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo