Lucene search
+L

4 matches found

Circl
Circl
added 2021/03/01 8:43 p.m.5 views

CVE-2020-36240

creationtimestamp| type| source ---|---|--- 2021-03-01 20:43:20+00:00| seen| https://t.me/cibsecurity/24305...

5.3CVSS5.5AI score0.01233EPSS
Exploits0References1
CVE
CVE
added 2021/03/01 4:23 p.m.63 views

CVE-2020-36240

The CVE-2020-36240 issue in Atlassian Crowd concerns the ResourceDownloadRewriteRule class, where versions prior to 4.0.4 and versions 4.1.0 to 4.1.1 (i.e., before 4.1.2) allow unauthenticated remote attackers to read arbitrary files inside WEB-INF and META-INF due to an incorrect path access che...

5.3CVSS5.3AI score0.01233EPSS
Exploits0References1Affected Software1
Atlassian
Atlassian
added 2021/02/16 6:29 p.m.82 views

Pre-Authorization Limited Arbitrary File Read in Crowd - CVE-2020-36240

The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, and from version 4.1.0 before 4.1.2 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. h3. Affected versions: version 4.0.4 4.10.0 ≤ versi...

5.3CVSS6.4AI score0.0233EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2021/02/16 6:29 p.m.50 views

Pre-Authorization Limited Arbitrary File Read in Crowd - CVE-2020-36240

The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, and from version 4.1.0 before 4.1.2 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. h3. Affected versions: version 4.0.4 4.10.0 ≤ versi...

5.3CVSS5.8AI score0.0233EPSS
Exploits0
Rows per page
Query Builder