PT-2023-12543 · Ortus Solutions · Coldbox Elixir
Published
2023-11-06
·
Updated
2026-03-26
·
CVE-2021-4430
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Ortus Solutions ColdBox Elixir version 3.1.6
Description
A problematic vulnerability has been found in Ortus Solutions ColdBox Elixir, affecting the ENV Variable Handler component, specifically the file src/defaultConfig.js. This issue leads to information disclosure.
Recommendations
For version 3.1.6, upgrade to version 3.1.7 to address this issue.
Fix
LPE
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Coldbox Elixir