Lucene search

K
githubGitHub Advisory DatabaseGHSA-Q72P-4W56-HX7H
HistoryJul 22, 2022 - 12:00 a.m.

Hardcoded JWT Token in Lin CMS Spring Boot

2022-07-2200:00:37
CWE-668
GitHub Advisory Database
github.com
8

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.016 Low

EPSS

Percentile

87.5%

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application.

Affected configurations

Vulners
Node
github_advisory_databaseio.github.talelin\Matchlin-cms-core
CPENameOperatorVersion
io.github.talelin:lin-cms-corele0.2.1

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.016 Low

EPSS

Percentile

87.5%

Related for GHSA-Q72P-4W56-HX7H