← volver
CVE-2012-3473

CVE-2012-3473

EPSS 2.3%
The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organize comments via API functions.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://openwall.com/lists/oss-security/2012/08/09/5https://github.com/ushahidi/Ushahidi_Web/commit/13ca6f4https://github.com/ushahidi/Ushahidi_Web/commit/f67f4ad