Описание
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Одно из
EPSS
7.5 High
CVSS2
Дефекты
Связанные уязвимости
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query.
query.py in the query interface in ViewVC before 1.1.3 does not reject ...
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query.
EPSS
7.5 High
CVSS2