ГлавнаяУязвимости → CVE-2024-28215
7.5высокая

CVE-2024-28215

Описание

nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of access control, which could be the cause of information disclosure and limited Server-Side Request Forgery.

Затрагиваемое ПО
Naver Ngrinder
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://cve.naver.com/detail/cve-2024-28215.htmlhttps://cve.naver.com/detail/cve-2024-28215.html