Описание
An issue has been discovered in hunter2 affecting all versions before 2.1.0. Improper handling of auto-completion input allows an authenticated attacker to extract other users email addresses
Ссылки
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.1.0 (исключая)
cpe:2.3:a:hunter2_project:hunter2:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00128
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-312
CWE-312
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
An issue has been discovered in hunter2 affecting all versions before 2.1.0. Improper handling of auto-completion input allows an authenticated attacker to extract other users email addresses
EPSS
Процентиль: 33%
0.00128
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-312
CWE-312