We found results for “”
CVE-2023-28330
Good to know:
Date: March 23, 2023
Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.
Language: PHP
Severity Score
Related Resources (7)
Severity Score
Weakness Type (CWE)
Input Validation
CWE-20Insufficient Information
NVD-CWE-noinfoTop Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |