Описание
DigiLIBE 3.4 and possibly other versions sends a redirect but does not exit, which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_configuration.html.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:digitiliti:digilibe:3.4:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11317
Средний
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
DigiLIBE 3.4 and possibly other versions sends a redirect but does not exit, which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_configuration.html.
EPSS
Процентиль: 93%
0.11317
Средний
5 Medium
CVSS2
Дефекты
CWE-200