Описание
Multiple API endpoints allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only.
EPSS
Процентиль: 15%
0.0005
Низкий
Дефекты
CWE-639
Связанные уязвимости
github
около 2 месяцев назад
pretix has Broken Access Control Allowing Cross-User File Access via UUID
EPSS
Процентиль: 15%
0.0005
Низкий
Дефекты
CWE-639