Описание
The application is vulnerable to an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank giving her access to the admin panel. Also vulnerable to account takeover and arbitrary password change.
EPSS
Процентиль: 28%
0.00098
Низкий
7.5 High
CVSS3
Дефекты
CWE-302
Связанные уязвимости
CVSS3: 7.5
github
почти 2 года назад
The application is vulnerable to an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank giving her access to the admin panel. Also vulnerable to account takeover and arbitrary password change.
EPSS
Процентиль: 28%
0.00098
Низкий
7.5 High
CVSS3
Дефекты
CWE-302