Vulnerability Found in Kitsada8621 Digital Library Management System 1.0

CVE-2024-8297

7.5HIGH

Key Information

Vendor: Kitsada8621
Status: Digital Library Management System
Vendor: CVE Published:; 29 August 2024

Summary

A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been classified as problematic. Affected is the function JwtRefreshAuth of the file middleware/jwt_refresh_token_middleware.go. The manipulation of the argument Authorization leads to improper output neutralization for logs. It is possible to launch the attack remotely. The name of the patch is 81b3336b4c9240f0bf50c13cb8375cf860d945f1. It is recommended to apply a patch to fix this issue.

Affected Version(s)

Digital Library Management System = 1.0

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: null to: 5.3 - (MEDIUM)
Aug 29, 2024
VulDB entry last update
Aug 29, 2024
Vulnerability Reserved.
Aug 29, 2024
VulDB entry created
Aug 29, 2024
Advisory disclosed
Aug 29, 2024
Vulnerability published.
Aug 29, 2024

Collectors

NVD DatabaseMitre Database

Credit

zihe (VulDB User)