CVE-2023-31726

AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
alist_projectalist
3.15.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://alist.nn.ci/zh/
https://github.com/J6451/CVE-2023-31726
https://alist.nn.ci/zh/
https://github.com/J6451/CVE-2023-31726
https://github.com/J6451/CVE-2023-31726/blob/main/CVE-2023-31726.py