Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NOmeka S
APPOmeka< 4.0.4
π΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2023-4159HIGH8.8ten sam produkt
Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3.
CVE-2023-4561MEDIUM4.8ten sam produkt
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4.
CVE-2023-4157MEDIUM5.2ten sam produkt
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in G...
CVE-2023-4158MEDIUM5.4ten sam produkt
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.3.
CVE-2023-3980MEDIUM4.8ten sam vendor
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.