Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
wallabag Profile Config config allocation of resources
Vulnerability Description
A vulnerability was found in wallabag 2.5.4. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /config of the component Profile Config. The manipulation of the argument Name leads to allocation of resources. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-233359. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
wallabag 安全漏洞
Vulnerability Description
wallabag是一个网络应用程序,允许您保存网页以供以后阅读。 wallabag 2.5.4版本存在安全漏洞,该漏洞源于文件/config的参数Name会导致资源分配。
CVSS Information
N/A
Vulnerability Type
N/A