4 matches found
CVE-2024-25123
MSS Mission Support System is an open source package designed for planning atmospheric research flights. In file: index.py, there is a method that is vulnerable to path manipulation attack. By modifying file paths, an attacker can acquire sensitive information from different resources. The filena...
Design/Logic Flaw
MSS Mission Support System is an open source package designed for planning atmospheric research flights. In file: index.py, there is a method that is vulnerable to path manipulation attack. By modifying file paths, an attacker can acquire sensitive information from different resources. The filena...
CVE-2024-25123 Path Manipulation in file mslib/index.py in MSS
MSS Mission Support System is an open source package designed for planning atmospheric research flights. In file: index.py, there is a method that is vulnerable to path manipulation attack. By modifying file paths, an attacker can acquire sensitive information from different resources. The filena...
CVE-2024-25123
MSS (Mission Support System) contains a path manipulation vulnerability in mslib/index.py where the filename route parameter can include ../, enabling reading of files outside the intended directory. This affects MSS prior to version 8.3.3; upgrade to 8.3.3 to mitigate. The issue is caused by how...