Описание
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 3.8.8 (включая)
Одно из
cpe:2.3:a:ez:ez_publish:*:*:*:*:*:*:*:*
cpe:2.3:a:ez:ez_publish:3.9.0:*:*:*:*:*:*:*
cpe:2.3:a:ez:ez_publish:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:ez:ez_publish:3.9.2:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.0111
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
ubuntu
больше 18 лет назад
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
debian
больше 18 лет назад
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9 ...
github
больше 3 лет назад
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
EPSS
Процентиль: 77%
0.0111
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo