Описание
Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:emuse_-_eservices_\/_envoice_project:emuse_-_eservices_\/_envoice:-:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.0021
Низкий
6.1 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-359
CWE-200
Связанные уязвимости
CVSS3: 7.5
github
почти 4 года назад
Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service.
EPSS
Процентиль: 43%
0.0021
Низкий
6.1 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-359
CWE-200