Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2011-2720

Опубликовано: 05 авг. 2011
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request.

РелизСтатусПримечание
devel

not-affected

0.83.1-1
hardy

ignored

end of life
lucid

ignored

end of life
maverick

ignored

end of life
natty

ignored

end of life
oneiric

ignored

end of life
precise

not-affected

0.80.7-1
quantal

not-affected

0.83.1-1
raring

not-affected

0.83.1-1
saucy

not-affected

0.83.1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 77%
0.01024
Низкий

5 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2011-2720

nvd
больше 14 лет назад

The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request.

debian логотип

CVE-2011-2720

debian
больше 14 лет назад

The autocompletion functionality in GLPI before 0.80.2 does not blackl ...

github логотип

GHSA-v8g3-5fhj-q8xr

github
больше 3 лет назад

The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request.

EPSS

Процентиль: 77%
0.01024
Низкий

5 Medium

CVSS2