Описание
HotCRP is conference review software. Starting in commit aa20ef288828b04550950cf67c831af8a525f508 and prior to commit ceacd5f1476458792c44c6a993670f02c984b4a0, authors with at least one submission on a HotCRP site could use the document API to download any documents (PDFs, attachments) associated with any submission. The problem was patched in commit ceacd5f1476458792c44c6a993670f02c984b4a0.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hotcrp:hotcrp:3.1:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00034
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-201
EPSS
Процентиль: 10%
0.00034
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-201