6 matches found
Divante Vue Storefront Information Disclosure (CVE-2020-11883)
An information disclosure vulnerability exists in Divante Vue Storefront. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
CVE-2020-11883
In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names...
CVE-2020-11883
In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names...
Code injection
In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names...
CVE-2020-11883
In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names...
CVE-2020-11883
The CVE-2020-11883 entry concerns Divante Vue Storefront API (Divante vue-storefront-api up to v1.11.1) and storefront-api (up to v1.0-rc.1) used in VueStorefront PWA. The issue is an information-disclosure/stack-trace exposure: unexpected HTTP requests trigger an exception that reveals internal ...