3 matches found
CVE-2023-34409
creationtimestamp| type| source ---|---|--- 2025-01-08 16:15:05+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/712...
CVE-2023-34409
In Percona Monitoring and Management PMM server 2.x before 2.37.1, the authenticate function in authserver.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This allows an unauthenticated remote user, when a crafted POST request is made against unauthenticat...
CVE-2023-34409
Summary: CVE-2023-34409 affects Percona Monitoring and Management (PMM) server 2.x up to 2.37.1. The vulnerability stems from the authenticate function in auth_server.go, which does not properly formalize or sanitize URL paths to reject path traversal. This allows an unauthenticated remote user t...