Описание
Systemic Risk Value <=2.8.0 is vulnerable to Local File Inclusion via /GetFile.aspx?ReportUrl=. An unauthenticated attacker can exploit this issue to read arbitrary system files by supplying a crafted file path, potentially exposing sensitive information.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.8.0 (включая)
cpe:2.3:a:systemic-rm:risk_value:*:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00275
Низкий
7.5 High
CVSS3
Дефекты
CWE-98
Связанные уязвимости
CVSS3: 7.5
github
11 месяцев назад
Systemic Risk Value <=2.8.0 is vulnerable to Local File Inclusion via /GetFile.aspx?ReportUrl=. An unauthenticated attacker can exploit this issue to read arbitrary system files by supplying a crafted file path, potentially exposing sensitive information.
EPSS
Процентиль: 51%
0.00275
Низкий
7.5 High
CVSS3
Дефекты
CWE-98