Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthenticated user. The issue in versions 3.5 - 3.25 was removed in releases which dates from 10th of January 2014. Higher versions were never affected.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published: 2024-07-02T08:44:05.732Z

Updated: 2024-08-01T20:55:09.998Z

Reserved: 2024-05-13T10:34:57.036Z

Link: CVE-2024-4836

cve-icon Vulnrichment

Updated: 2024-08-01T20:55:09.998Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-07-02T09:15:19.553

Modified: 2024-11-21T09:43:42.437

Link: CVE-2024-4836

cve-icon Redhat

No data.