Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Pydio Cells 2.0.4, once an authenticated user shares a file selecting the create a public link option, a hidden shared user account is created in the backend with a random username. An anonymous user that obtains a valid public link can get the associated hidden account username and password and proceed to login to the web application. Once logged into the web application with the hidden user account, some actions that were not available with the public share link can now be performed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Abstrium Pydio Cells 安全漏洞
Vulnerability Description
Abstrium Pydio Cells是法国Abstrium公司的一款使用Go语言开发的下一代文件共享平台。 Abstrium Pydio Cells 2.0.4版本中存在安全漏洞。攻击者可利用该漏洞获取关联的隐藏账户用户名和密码,然后登陆Web应用执行公共共享链接所限制的操作。
CVSS Information
N/A
Vulnerability Type
N/A