Описание
DigiLIBE 3.4 and possibly other versions sends a redirect but does not exit, which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_configuration.html.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:digitiliti:digilibe:3.4:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.06061
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
DigiLIBE 3.4 and possibly other versions sends a redirect but does not exit, which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_configuration.html.
EPSS
Процентиль: 90%
0.06061
Низкий
5 Medium
CVSS2
Дефекты
CWE-200