CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-20876

Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows an attacker with an administrative privilege to obtain sensitive information stored in the hierarchy above the directory on the published site's server via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.2%

CVSS Severity

CVSS v3 Score 6.8

CVSS v2 Score 4.0

References

https://groupsession.jp/info/info-news/security20211220
https://jvn.jp/en/jp/JVN79798166/index.html
https://groupsession.jp/info/info-news/security20211220
https://jvn.jp/en/jp/JVN79798166/index.html

Products affected by CVE-2021-20876

Groupsession » Groupsession » Version: Any

cpe:2.3:a:groupsession:groupsession:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-20876

Products

Pricing

Contact Us