CVE-2019-7535

2019-02-0715:00:00

mitre

www.cve.org

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

35.9%

JSON

index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as demonstrated by full path disclosure and the identification of PHP as the backend technology.

References

gist.github.com/nenf/2f16cd547c2afe166d1cb3f88f18bf81