An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the dir parameter to /api/backend/core/web-file-html/download-zip.
References
Link | Resource |
---|---|
https://github.com/ujcms/ujcms/issues/6 | Exploit Issue Tracking Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-06-14T00:00:00
Updated: 2023-06-14T00:00:00
Reserved: 2023-06-07T00:00:00
Link: CVE-2023-34878
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-14T14:15:10.880
Modified: 2023-06-22T17:12:17.883
Link: CVE-2023-34878
JSON object: View
Redhat Information
No data.
CWE