A remote unauthenticated attacker can trigger the session id functionality to potentially escalate privileges. A remote authenticated attacker can trigger the session id functionality to potentially escalate privileges.
Impact Level: Medium
CVE: N/A
CVSS Score: 6.5
GitHub: AVideo v11.6 and dev master commit 3f7c0364
The following is a list of software versions and patches that resolve this vulnerability.
Affected Software Versions & Patches AVideo v11.6 and dev master commit 3f7c0364 - resolved in version v11.6 and patch v3f7c0364
Severity: Medium
CVSS Score: 6.5
Affected Products:
OnDev v6.0 - resolved in version v6.0
Affected version: 11.6 and dev master commit 3f7c0364
Impact of Vulnerability: An attacker can potentially escalate privileges.
Workaround: There is no known workaround at this time.
OnDev v6.0
OnDev v6.0 is a software development and collaboration platform that allows developers to build, share, and manage their projects online.
CVE: N/A
CVSS Score: 6.5
GitHub: AVideo v11.6 and dev master commit 3f7c0364
The following is a list of software versions and patches that resolve this vulnerability.
Affected Software Versions & Patches AVideo v11.6 and dev master commit 3f7c0364 - resolved in version v11.6 and patch v3f7c0364
Timeline
Published on: 08/22/2022 19:15:00 UTC
Last modified on: 08/26/2022 14:17:00 UTC