2 matches found
CVE-2020-13129
An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with clientkey and deviceid data in the query string, which allows attackers to obtain sensitive information by reading web-server logs...
CVE-2020-13129
Stashcat app (versions up to 3.9.1 on macOS/Windows/Android/iOS) is affected by a information-disclosure flaw where a GET request includes client_key and device_id in the query string, allowing an observer with access to web server logs to read sensitive data. CVSSv3.1 base score 7.2 ( HIGH ) wit...