[Japanese] | |
JVNDB-2024-000109 | |
baserCMS plugin "BurgerEditor" vulnerable to directory listing | |
Overview | |
baserCMS plugin "BurgerEditor" provided by D-ZERO CO.,LTD. contains a directory listing vulnerability (CWE-548, CVE-2024-44807). | |
CVSS Severity (What is CVSS?) | |
CVSS V3 Severity:
Base Metrics 5.3 (Medium) [IPA Score]
| |
Affected Products | |
| |
D-ZERO CO.,LTD. | |
Note that "BurgerEditor" for baserCMS 5 series is not affected the vulnerability. | |
Impact | |
A list of uploaded files and/or files may be obtained without authentication on the web site that uses the plugin. | |
Solution | |
[Update the plugin] | |
Vendor Information | |
D-ZERO CO.,LTD. | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2024/10/10 |
Date First Published | 2024/10/10 |
Date Last Updated | 2024/10/10 |