Generation of Error Message Containing Sensitive Information

CVE-2020-20470

Medium

5.3/10

Summary

White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-209 - Generation of Error Message Containing Sensitive Information

The software generates an error message that includes sensitive information about its environment, users, or associated data.

References

Advisory Timeline

Published Jun 21, 2021