In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the entire application.
9.8CVSS
9.6AI Score
0.006EPSS
Knowage is an open source analytics and business intelligence suite. Starting in the 6.x.x branch and prior to version 8.1.8, the endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to upload template file on the server, but does not need any authorization to be...
9.9CVSS
8.8AI Score
0.001EPSS