CVE-2019-12395
In Webbukkit Dynmap 3.0-beta-3 or below, due to a missing login check in servlet/MapStorageHandler.java, an attacker can see a map image without login even if victim enables login-required in setting.
5.3CVSS
5.2AI Score
0.002EPSS