Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Module/Settings/UserExport.php in Friendica through 2021.01 allows settings/userexport to be used by anonymous users, as demonstrated by an attempted access to an array offset on a value of type null, and excessive memory consumption. NOTE: the vendor states "the feature still requires a valid authentication cookie even if the route is accessible to non-logged users.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Friendica 安全漏洞
Vulnerability Description
Friendica是德国Friendica社区的一个应用软件。提供去中心化的社交网络。 Friendica 2021.01 版本及之前版本Module/Settings/UserExport.php存在安全漏洞,该漏洞允许匿名用户使用userexport设置。
CVSS Information
N/A
Vulnerability Type
N/A