exploitDog

CVE-2020-24227

Опубликовано: 23 нояб. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Playground Sessions v2.5.582 (and earlier) for Windows, stores the user credentials in plain text allowing anyone with access to UserProfiles.sol to extract the email and password.

Ссылки

https://github.com/nathunandwani/CVE-2020-24227
Exploit
Third Party Advisory
https://github.com/nathunandwani/CVE-2020-24227
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:playgroundsessions:playground_sessions:*:*:*:*:*:windows:*:*

Версия до 2.5.582 (включая)

EPSS

Процентиль: 69%

0.00617

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-522

Связанные уязвимости

GHSA-qm74-j33c-557g

github

больше 3 лет назад

Playground Sessions v2.5.582 (and earlier) for Windows, stores the user credentials in plain text allowing anyone with access to UserProfiles.sol to extract the email and password.

EPSS

Процентиль: 69%

0.00617

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-522