Описание
InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:invoiceplane:invoiceplane:1.6.1:-:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 5.3
github
около 2 месяцев назад
InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data.
EPSS
Процентиль: 9%
0.00032
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-639