Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Meteraphsere vulnerable to unauthorized viewing by workspace members
Vulnerability Description
MeterSphere is an open source continuous testing platform. Prior to version 2.10.14-lts, members without space permissions can view member information from other workspaces beyond their authority. Version 2.10.14-lts fixes this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L
Vulnerability Type
信息暴露
Vulnerability Title
MeterSphere 安全漏洞
Vulnerability Description
MeterSphere是MeterSphere开源的一站式开源持续测试平台。 MeterSphere 2.10.14-lts之前版本存在安全漏洞,该漏洞源于未经授权的成员可以越权查看其他工作空间的成员信息。
CVSS Information
N/A
Vulnerability Type
N/A