CVE-2023-50458
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-10
Last updated on: 2025-11-07
Assigner: MITRE
Description
Description
In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about other users' jobs.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dradisframework | dradis | to 4.11.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1230 | The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Dradis versions before 4.11.0 causes the Output Console to display a job queue that may include information about other users' jobs, potentially exposing data that should be private to each user.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized disclosure of information about other users' jobs, which may result in privacy breaches or exposure of sensitive operational details within the application.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70