4 matches found
CVE-2023-31064
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised to upgrade to Apache InLong's 1.7....
CVE-2023-31064
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised to upgrade to Apache InLong's 1.7....
CVE-2023-31064 Apache InLong: Insecurity direct object references cancelling applications
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised to upgrade to Apache InLong's 1.7....
CVE-2023-31064
CVE-2023-31064 affects Apache InLong 1.2.0–1.6.0. The issue stems from files/directories being accessible to external parties, allowing a user to cancel an application that does not belong to them. The root cause is improper restrictions on the directory path when loading files. Exploitation is p...