Описание
Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product.
Ссылки
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.10.13 (исключая)
cpe:2.3:a:irohasoft:iroha_board:*:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00029
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-425
Связанные уязвимости
CVSS3: 4.3
github
8 месяцев назад
Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product.
EPSS
Процентиль: 8%
0.00029
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-425