Количество 2
Количество 2
CVE-2019-12245
больше 6 лет назад
SilverStripe through 4.3.3 has incorrect access control for protected files uploaded via Upload::loadIntoFile(). An attacker may be able to guess a filename in silverstripe/assets via the AssetControlExtension.
CVSS3: 5.3
EPSS: Низкий
GHSA-jvx5-rm6q-gx7p
около 6 лет назад
Lack of access control on upoaded files
CVSS3: 5.3
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-12245 SilverStripe through 4.3.3 has incorrect access control for protected files uploaded via Upload::loadIntoFile(). An attacker may be able to guess a filename in silverstripe/assets via the AssetControlExtension. | CVSS3: 5.3 | 0% Низкий | больше 6 лет назад |
| GHSA-jvx5-rm6q-gx7p Lack of access control on upoaded files | CVSS3: 5.3 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу
20