5 matches found
CVE-2022-31260
In Montala ResourceSpace through 9.8 before r19636, csvexportresultsmetadata.php allows attackers to export collection metadata via a non-NULL k value...
CVE-2022-31260
In Montala ResourceSpace through 9.8 before r19636, csvexportresultsmetadata.php allows attackers to export collection metadata via a non-NULL k value...
Design/Logic Flaw
In Montala ResourceSpace through 9.8 before r19636, csvexportresultsmetadata.php allows attackers to export collection metadata via a non-NULL k value...
CVE-2022-31260
In Montala ResourceSpace through 9.8 before r19636, csvexportresultsmetadata.php allows attackers to export collection metadata via a non-NULL k value...
CVE-2022-31260
ResourceSpace CVE-2022-31260 affects Montala ResourceSpace up to version 9.8 prior to r19636. The flaw is in csv_export_results_metadata.php, where an attacker can export collection metadata by providing a non-NULL k value. Impact: unauthorized access to metadata. Mitigation: upgrade to the fixed...