Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Information exposure in touchbase.ai
Vulnerability Description
toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Anyone with access to the uploaded image of other users could obtain its geolocation, device, and software version data etc (if present. The issue is fixed in version 2.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
Puncsky Touchbase.ai 信息泄露漏洞
Vulnerability Description
Puncsky Touchbase.ai是Puncsky个人开发者的一个用于人际关系的 web 平台。 touchbase.ai 2.0之前版本存在安全漏洞,该漏洞源于不会从图像中剥离exif数据,从而泄露信息。任何能够访问其他用户上传的图片的人都可以获得它的地理位置、设备和软件版本数据等(如果存在的话)。
CVSS Information
N/A
Vulnerability Type
N/A