Описание
SummaryA user with administrator rights can change the configuration of the mautic application and extract secrets that are not normally available.
ImpactAn administrator who usually does not have access to certain parameters, such as database credentials, can disclose them.
EPSS
Процентиль: 11%
0.00037
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-283
Связанные уязвимости
CVSS3: 5.5
github
около 1 месяца назад
Mautic vulnerable to secret data extraction via elfinder
EPSS
Процентиль: 11%
0.00037
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-283