PT-2023-10219 · Gitlearn · Gitlearn

Avere001 · Published 2023-01-13 · Updated 2024-05-17 · CVE-2015-10040

CVSS v2.0: 5.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions: gitlearn (affected versions not specified)

Description: A vulnerability was found in the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. This issue leads to injection and can be initiated remotely.

Recommendations: Apply a patch to fix this issue. Specifically, it is recommended to apply the patch identified as 3faa5deaa509012069afe75cd03c21bda5050a64. As a temporary workaround, consider disabling the getGrade/getOutOf function until a patch is available.

Exploit

Fix

Improper Encoding or Escaping of Output

Special Elements Injection

Weakness Enumeration

Related identifiers

CVE-2015-10040

Affected products

Gitlearn