Описание
An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks.
Ссылки
- Product
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:edly:tutor:20.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 0%
0.00007
Низкий
3.3 Low
CVSS3
Дефекты
CWE-384
Связанные уязвимости
CVSS3: 3.3
github
2 месяца назад
Overhang Tutor Discloses Sensitive Information due to Improper Cache-Control
EPSS
Процентиль: 0%
0.00007
Низкий
3.3 Low
CVSS3
Дефекты
CWE-384