Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unauthorized viewing of workspace test cases in MeterSphere
Vulnerability Description
MeterSphere is a test management and interface testing tool. In affected versions users without workspace permissions can view functional test cases of other workspaces beyond their authority. This issue has been addressed in version 2.10.15-lts. Users of MeterSphere are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
信息暴露
Vulnerability Title
MeterSphere 安全漏洞
Vulnerability Description
MeterSphere是MeterSphere开源的一站式开源持续测试平台。 MeterSphere 2.10.15-lts之前版本存在安全漏洞,该漏洞源于允许没有工作区权限的用户可以查看超出其权限的其他工作区的功能测试用例。。
CVSS Information
N/A
Vulnerability Type
N/A