PT-2019-14456 · Cksource · Ckfinder
Joshua Provoste
·
Publicado
2019-09-26
·
Atualizado
2019-10-01
·
CVE-2019-15891
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
CKFinder versions 2.6.2.1 and earlier
CKFinder versions 3.x through 3.5.0
Description
The issue arises from misleading information in the documentation of CKFinder, which may lead to the incorrect assumption that the application has built-in content sniffing protection.
Recommendations
For CKFinder versions 2.6.2.1 and earlier, update to a version later than 2.6.2.1.
For CKFinder versions 3.x through 3.5.0, update to a version later than 3.5.0.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ckfinder