Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:12 p.m.6 views

CVE-2021-36389

In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIImage.i4"...

7.5CVSS6.8AI score0.02991EPSS
Exploits2References1
OSV
OSV
added 2021/10/14 7:15 p.m.3 views

CVE-2021-36389

In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIImage.i4"...

7.5CVSS7.1AI score0.02991EPSS
Exploits2References5
CVE
CVE
added 2021/10/14 6:27 p.m.84 views

CVE-2021-36389

CVE-2021-36389 affects Yellowfin prior to 9.6.1, where an Insecure Direct Object Reference on the MIImage.i4 page allows enumeration and download of uploaded images. The vulnerability arises from unauthorized access to image resources via a crafted HTTP GET request, enabling disclosure of uploade...

7.5CVSS7.5AI score0.02991EPSS
Exploits2References5Affected Software1
0day.today
0day.today
added 2021/10/14 12:0 a.m.242 views

Yellowfin Cross Site Scripting / Insecure Direct Object Reference Vulnerabilities

Yellowfin versions prior to 9.6.1 suffer from persistent cross site scripting and insecure direct object reference vulnerabilities. YELLOWFIN 9.6.1 MULTIPLE VULNERABILITIES ---------------------------------------------------- Vulnerability: ============== Stored Cross-Site Scripting Affected...

7.5CVSS6.4AI score0.03053EPSS
Exploits2
Packet Storm
Packet Storm
added 2021/10/14 12:0 a.m.326 views

Yellowfin Cross Site Scripting / Insecure Direct Object Reference

YELLOWFIN 9.6.1 MULTIPLE VULNERABILITIES ---------------------------------------------------- Vulnerability: ============== Stored Cross-Site Scripting Affected Products and Versions: =============================== Yellowfin 9.6.1 CVEID: ====== CVE-2021-36387 CVSSv3.1 Score: =============== 5.4...

6.4AI score0.03053EPSS
Exploits2
Rows per page
Query Builder