Описание
In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 (#7254) and further versions.
EPSS
Процентиль: 8%
0.00031
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 6.5
github
29 дней назад
In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 (#7254) and further versions.
EPSS
Процентиль: 8%
0.00031
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-125