Описание
An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete models created by the Administrator.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:jeesite:jeesite:1.2.6:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00035
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 5.4
github
больше 2 лет назад
An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete models created by the Administrator.
EPSS
Процентиль: 10%
0.00035
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-732