← voltar
CVE-2017-10679

CVE-2017-10679

EPSS 2.5%
Piwigo through 2.9.1 allows remote attackers to obtain sensitive information about the descriptive name of a permalink by examining the redirect URL that is returned in a request for the permalink ID number of a private album. The permalink ID numbers are easily guessed.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/Piwigo/Piwigo/issues/721https://github.com/Piwigo/Piwigo/issues/723http://www.securityfocus.com/bid/99380