Описание
OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' endpoint, iterate through predictable values of 'chargeNumber', and download any uploaded files.
EPSS
Процентиль: 12%
0.00042
Низкий
7.5 High
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 7.5
github
около 1 месяца назад
OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' endpoint, iterate through predictable values of 'chargeNumber', and download any uploaded files.
EPSS
Процентиль: 12%
0.00042
Низкий
7.5 High
CVSS3
Дефекты
CWE-639