Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthenticated user.
The issue in versions 3.5 - 3.25 was removed in releases which dates from 10th of January 2014. Higher versions were never affected.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: CERT-PL
Published: 2024-07-02T08:44:05.732Z
Updated: 2024-08-01T20:55:09.998Z
Reserved: 2024-05-13T10:34:57.036Z
Link: CVE-2024-4836
Vulnrichment
Updated: 2024-08-01T20:55:09.998Z
NVD
Status : Awaiting Analysis
Published: 2024-07-02T09:15:19.553
Modified: 2024-11-21T09:43:42.437
Link: CVE-2024-4836
Redhat
No data.