← voltar
CVE-2012-3473

CVE-2012-3473

EPSS 2.3%
The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organize comments via API functions.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://openwall.com/lists/oss-security/2012/08/09/5https://github.com/ushahidi/Ushahidi_Web/commit/13ca6f4https://github.com/ushahidi/Ushahidi_Web/commit/f67f4ad