Описание
Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to bypass authorization via vectors related to the (1) importForm, (2) importFeed, (3) addFavorite, or (4) removeFavorite actions in action.php.
Уязвимые конфигурации
Конфигурация 1Версия до 1.4 (включая)
cpe:2.3:a:idleman:leed:*:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00397
Низкий
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to bypass authorization via vectors related to the (1) importForm, (2) importFeed, (3) addFavorite, or (4) removeFavorite actions in action.php.
EPSS
Процентиль: 60%
0.00397
Низкий
5 Medium
CVSS2
Дефекты
CWE-20