An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The Add Collaborator allows unlimited data via the author parameter, even if the data does not match anything in the database.
References
Link | Resource |
---|---|
https://www.websec.nl/news.php | Patch Third Party Advisory |
https://www.websec.nl/news.php | Patch Third Party Advisory |
Configurations
History
21 Nov 2024, 04:35
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.websec.nl/news.php - Patch, Third Party Advisory |
Information
Published : 2020-01-15 23:15
Updated : 2024-11-21 04:35
NVD link : CVE-2019-19859
Mitre link : CVE-2019-19859
CVE.ORG link : CVE-2019-19859
JSON object : View
Products Affected
serpico_project
- serpico
CWE