Описание
An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the application exposing a password reset API endpoint that fails to validate the identity of the requester properly
EPSS
Процентиль: 57%
0.00357
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 9.8
github
6 месяцев назад
An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the application exposing a password reset API endpoint that fails to validate the identity of the requester properly
EPSS
Процентиль: 57%
0.00357
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-287