Описание
onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., data of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference.
Ссылки
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cdsoft:winhotel.mx:2021:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00213
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., data of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference.
EPSS
Процентиль: 44%
0.00213
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-639