CVE-2022-3348
Exposure of Sensitive Information to an Unauthorized Actor in tooljet/tooljet
Just like in the previous report, an attacker could steal the account of different users. But in this case, it's a little bit more specific, because it is needed to be an editor in the same app as the victim.
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Productos afectados
tooljet · tooljet/tooljet¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →