Описание
An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'File Bridge' plugin allowed the existence of files outside of the bridged path to be confirmed.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.3.0.0 (включая) до 5.3.6.1 (включая)
Одно из
cpe:2.3:a:squiz:matrix:*:*:*:*:*:*:*:*
cpe:2.3:a:squiz:matrix:5.4.1.3:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.0052
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'File Bridge' plugin allowed the existence of files outside of the bridged path to be confirmed.
EPSS
Процентиль: 66%
0.0052
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22