Описание
eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this issue.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.3.4 (исключая)
cpe:2.3:a:elabftw:elabftw:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.0016
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-863
EPSS
Процентиль: 37%
0.0016
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-863