Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Authorization in eLabFTW
Vulnerability Description
eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
eLabFTW 安全漏洞
Vulnerability Description
eLabFTW是一套开源的实验数据托管平台。该平台运行于Linux系统中,并支持存储多种对象。 eLabFTW 0.15.10之前版本存在安全漏洞,该漏洞源于允许登录用户在未经授权的情况下读取模板。
CVSS Information
N/A
Vulnerability Type
N/A