CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
31.4%
Changes form previous version All previous changes is here. [js:core] Fixed #2863 cssAutoLoad Array option is not working [js:core] Fixed #2862 stop autoSync when browser tab turn to background [cmd:search] Fixed #2867 support incremental search other than filename [VD:abstract] Fixed #2873 correct MIME-Type detection of “*.java” [js:extras:editors] Fixed #2879 adjustment save type of Photopea [js:resources:mixin] Fixed #2880 error “Uncaught TypeError” [VD:MySQL] Fixed #2883 problem that not uses tmpPath on _fopen() [js:extras:editors] Fixed problem of Online Convert by tag [ui:dialog] Fixed problem of dialog height by CSS percentage max-height [ui:cwd] Fixed #2865 add an option uiOptions.cwd.matekeyDragout [Security,php:core] Fixed being bypassable of CVE-2019-6257 SSRF And some minor bug fixes
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
31.4%