4 matches found
CVE-2023-25814
metersphere is an open source continuous testing platform. In versions prior to 2.7.1 a user who has permission to create a resource file through UI operations is able to append a path to their submission query which will be read by the system and displayed to the user. This allows a users of the...
CVE-2023-25814 Arbitrary File Read Vulnerability in metersphere
metersphere is an open source continuous testing platform. In versions prior to 2.7.1 a user who has permission to create a resource file through UI operations is able to append a path to their submission query which will be read by the system and displayed to the user. This allows a users of the...
CVE-2023-25814 Arbitrary File Read Vulnerability in metersphere
metersphere is an open source continuous testing platform. In versions prior to 2.7.1 a user who has permission to create a resource file through UI operations is able to append a path to their submission query which will be read by the system and displayed to the user. This allows a users of the...
CVE-2023-25814
Vulnerability overview (CVE-2023-25814) : metersphere prior to 2.7.1 allows a user with UI-created resource file permission to append a path to their submission query, which is then read and displayed by the system, enabling read access to arbitrary server filesystem files if the server process h...