Vulnerability Details CVE-2020-20472
White Shark System (WSS) 1.3.2 has a sensitive information disclosure vulnerability. The if_get_addbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.7%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2020-20472
-
cpe:2.3:a:white_shark_systems_project:white_shark_systems:1.3.2