Описание
Tolgee is an open-source localization platform. When API key created by admin user is used it bypasses the permission check at all. This error was introduced in v3.57.2 and immediately fixed in v3.57.4.
Ссылки
- Patch
- Vendor Advisory
- Not Applicable
- Patch
- Vendor Advisory
- Not Applicable
Уязвимые конфигурации
Конфигурация 1Версия от 3.57.2 (включая) до 3.57.4 (исключая)
cpe:2.3:a:tolgee:tolgee:*:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00301
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-863
EPSS
Процентиль: 53%
0.00301
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-863