Описание
In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability exists in the GetASPReport feature. This allows any authenticated user to retrieve ASP reports from an HTML form.
Уязвимые конфигурации
Конфигурация 1Версия до 23.1.3 (исключая)
cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00101
Низкий
7.1 High
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-918
CWE-918
Связанные уязвимости
CVSS3: 7.1
github
больше 1 года назад
In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability exists in the GetASPReport feature. This allows any authenticated user to retrieve ASP reports from an HTML form.
EPSS
Процентиль: 28%
0.00101
Низкий
7.1 High
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-918
CWE-918