CVE-2021-47760

Опубликовано: 15 янв. 2026

Источник: nvd

Описание

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as a duplicate.

Связанные уязвимости

GHSA-2p54-q56g-9668

CVSS3: 9.8

github

23 дня назад

TestLink versions 1.16 through 1.19 contain an unauthenticated file download vulnerability in the attachmentdownload.php endpoint. Attackers can download arbitrary files by iterating file IDs through the 'id' parameter with 'skipCheck=1' to bypass access controls.