Sensitive Information Leakage in kodbox by Mo60
CVE-2023-29790

7.5HIGH

Key Information:

Vendor: Kodcloud
Status: Kodbox
Vendor: CVE Published:; 12 May 2023

What is CVE-2023-29790?

kodbox versions 1.2.x through 1.3.7 are susceptible to a sensitive information leakage vulnerability, which may expose confidential data to unauthorized access. This issue compromises the integrity and confidentiality of user data, necessitating immediate attention to secure the affected versions. Users should review their security settings and apply necessary updates to mitigate potential risks.

References

https://blog.mo60.cn/index.php/archives/kodbox.html

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2023
Vulnerability Reserved
Apr 7, 2023

CVE-2023-29790 Data

JSON

Kodcloud

What is CVE-2023-29790?

References

CVSS V3.1

Timeline