Описание
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 - #164, an authorization bypass vulnerability in the AJAX flagging system allows any unauthenticated user to flag any content (users, videos, photos, collections) on the platform. This can lead to mass flagging attacks, content disruption, and moderation system abuse. This issue has been patched in version 5.5.2 - #164.
Ссылки
- Patch
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.3 (включая) до 5.5.2-164 (исключая)
cpe:2.3:a:oxygenz:clipbucket:*:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00105
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-770
EPSS
Процентиль: 29%
0.00105
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-770