2 matches found
CVE-2022-25336
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference IDOR attacks against image files because the image path and filename can be correctly deduced...
CVE-2022-25336
CVE-2022-25336 affects Ibexa DXP Ezpublish-kernel: versions 7.5.x before 7.5.26 and 1.3.x before 1.3.12. The issue is an Insecure Direct Object Reference (IDOR) against image files because the image path and filename can be inferred, enabling access to potentially sensitive images. Connected sour...