CVE-2020-5840
N/A
N/A
Summary
An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/Resource/Connection.js allows an attacker to reach a parent directory via a crafted name or ID field.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/HashBrownCMS/hashbrown-cms/compare/v1.3.1…v1.3.2
- https://github.com/HashBrownCMS/hashbrown-cms/releases/tag/v1.3.2
References
- https://github.com/HashBrownCMS/hashbrown-cms/compare/v1.3.1…v1.3.2
- https://github.com/HashBrownCMS/hashbrown-cms/releases/tag/v1.3.2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.