Описание
changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, a Zip Slip vulnerability in the backup restore functionality allows arbitrary file overwrite via path traversal in uploaded ZIP archives. This issue has been patched in version 0.54.4.
Уязвимые конфигурации
Конфигурация 1Версия до 0.54.4 (исключая)
cpe:2.3:a:webtechnologies:changedetection:*:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00069
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-22
Связанные уязвимости
github
26 дней назад
changedetection.io has Zip Slip vulnerability in the backup restore functionality
EPSS
Процентиль: 21%
0.00069
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-22