CVE-2022-45895

CVSS 6.5 MEDIUMEPSS 0.7%CWE-668

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/