Products
filestash
- 0.4
Source
cve@mitre.org
Tags
CVE-2024-41256 details
Published : July 31, 2024, 9:15 p.m.
Last Modified : July 31, 2024, 9:15 p.m.
Last Modified : July 31, 2024, 9:15 p.m.
Description
Default configurations in the ShareProofVerifier function of filestash v0.4 causes the application to skip the TLS certificate verification process when sending out email verification codes, possibly allowing attackers to access sensitive data via a man-in-the-middle attack.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://gist.github.com/nyxfqq/a6da3fe6128b978ea1aaa5df639d5f98 | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.