ГлавнаяУязвимости → CVE-2026-30828
7.5высокая

CVE-2026-30828

Описание

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2.

Затрагиваемое ПО
Wallosapp Wallos
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://github.com/ellite/Wallos/commit/e8a513591dbbf885966e2ef55c38622785b9060dhttps://github.com/ellite/Wallos/releases/tag/v4.6.2https://github.com/ellite/Wallos/security/advisories/GHSA-p7qj-669r-grvc