7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
25.1%
Changes form previous version All previous changes is here. [js:core] Fixed #2863 cssAutoLoad Array option is not working [js:core] Fixed #2862 stop autoSync when browser tab turn to background [cmd:search] Fixed #2867 support incremental search other than filename [VD:abstract] Fixed #2873 correct MIME-Type detection of “*.java” [js:extras:editors] Fixed #2879 adjustment save type of Photopea [js:resources:mixin] Fixed #2880 error “Uncaught TypeError” [VD:MySQL] Fixed #2883 problem that not uses tmpPath on _fopen() [js:extras:editors] Fixed problem of Online Convert by tag [ui:dialog] Fixed problem of dialog height by CSS percentage max-height [ui:cwd] Fixed #2865 add an option uiOptions.cwd.matekeyDragout [Security,php:core] Fixed being bypassable of CVE-2019-6257 SSRF And some minor bug fixes
CPE | Name | Operator | Version |
---|---|---|---|
studio-42/elfinder | lt | 2.1.49 |
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
25.1%