Описание
The “Bytebase” application does not restrict low privilege user to access “admin issues“ for which an unauthorized user can view the “OPEN” and “CLOSED” issues by “Admin” and the affected endpoint is “/issue”.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 0.1.0 (включая) до 1.0.4 (включая)
cpe:2.3:a:bytebase:bytebase:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00172
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-285
CWE-732
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
Bytebase does not restrict low privilege user to access admin issues
EPSS
Процентиль: 39%
0.00172
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-285
CWE-732