PT-2020-14301 · Ractf · Ractf

0Xada

+3

·

Published

2020-10-05

·

Updated

2020-10-19

·

CVE-2020-15235

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions RACTF versions prior to commit f3dc89b
Description The issue allows unauthenticated users to access sensitive config keys that are normally hidden from everyone except admins.
Recommendations For versions prior to commit f3dc89b, update to a version after commit f3dc89b to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2020-15235
GHSA-PH67-C355-52VM

Affected Products

Ractf