← Voltar para CVEs
CVE-2019-11218
N/ADescricao
Improper handling of extra parameters in the AccountController (User Profile edit) in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows authenticated users to gain application administrator privileges via additional form parameter submissions.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado4/24/2019
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
bonobogitserver:bonobo_git_server
Fraquezas (CWE)
CWE-20
Referencias
https://bonobogitserver.com/changelog/#version-650(cve@mitre.org)
https://flab.cesnet.cz/advisories/cve-2019-11218(cve@mitre.org)
https://bonobogitserver.com/changelog/#version-650(af854a3a-2127-422b-91ae-364da2661108)
https://flab.cesnet.cz/advisories/cve-2019-11218(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.