MEDIUM🇵🇱 Wersja polska

CVE-2024-10141

CVSS 6.3v4.0pub. 2024-10-19upd. 2024-10-23

A vulnerability, which was classified as problematic, was found in jsbroks COCO Annotator 0.11.1. This affects an unknown part of the component Session Handler. The manipulation of the argument SECRET_KEY leads to predictable from observable state. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

CVSS Vector
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Jsbroks Coco Annotator

    APP
    Jsbroks
    0.11.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-2108MEDIUM5.5ten sam produkt

A vulnerability was determined in jsbroks COCO Annotator up to 0.11.1. This impacts an unknown function of the...

CVE-2026-2109LOW2.1ten sam produkt

W aplikacji jsbroks COCO Annotator do wersji 0.11.1 zidentyfikowano podatność. Dotyczy ona nieznanej funkcji p...