7.5
CVE-2021-36544
- EPSS 0.92%
- Veröffentlicht 03.02.2023 18:15:10
- Zuletzt bearbeitet 26.03.2025 17:15:21
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginIncorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tpcms Project ≫ Tpcms Version3.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.92% | 0.557 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.
https://gitee.com/happy_source/tpcms/issues/I3YNWY