CVE-2023-31726

EUVD-2023-36017
AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
alistgoalist
3.15.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://alist.nn.ci/zh/
https://github.com/J6451/CVE-2023-31726
https://alist.nn.ci/zh/
https://github.com/J6451/CVE-2023-31726
https://github.com/J6451/CVE-2023-31726/blob/main/CVE-2023-31726.py