Описание
Systemic Risk Value <=2.8.0 is vulnerable to Local File Inclusion via /GetFile.aspx?ReportUrl=. An unauthenticated attacker can exploit this issue to read arbitrary system files by supplying a crafted file path, potentially exposing sensitive information.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.8.0 (включая)
cpe:2.3:a:systemic-rm:risk_value:*:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.0008
Низкий
7.5 High
CVSS3
Дефекты
CWE-98
Связанные уязвимости
CVSS3: 7.5
github
5 месяцев назад
Systemic Risk Value <=2.8.0 is vulnerable to Local File Inclusion via /GetFile.aspx?ReportUrl=. An unauthenticated attacker can exploit this issue to read arbitrary system files by supplying a crafted file path, potentially exposing sensitive information.
EPSS
Процентиль: 24%
0.0008
Низкий
7.5 High
CVSS3
Дефекты
CWE-98