CVE-2023-2665

EUVD-2023-1456
Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
@huntrdevCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
rosariosisrosariosis
𝑥
< 11.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/francoisjacquet/rosariosis/commit/09d5afaa6be07688ca1a7ac3b755b5438109e986
https://huntr.dev/bounties/42f38a84-8954-484d-b5ff-706ca0918194
https://github.com/francoisjacquet/rosariosis/commit/09d5afaa6be07688ca1a7ac3b755b5438109e986
https://huntr.dev/bounties/42f38a84-8954-484d-b5ff-706ca0918194