Description
A vulnerability in Pantera CRM versions 401.152 and 402.072 allows unauthorized attackers to bypass IP-based access controls by manipulating the X-Forwarded-For header.
EPSS: 0.00106 (Low)
Percentile: 29%
CVSS3: 7.5 High
Weaknesses
CWE-863
Related vulnerabilities
CVSS3: 9.8
github
more than 1 year ago
Insecure Permissions vulnerability in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v.402.072 allows a remote attacker to execute arbitrary code via modification of the X-Forwarded-For header component.