Vulnerability Details CVE-2024-28216
nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of access control, which could be the cause of information disclosure and limited Server-Side Request Forgery.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.0%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2024-28216
-
cpe:2.3:a:naver:ngrinder:3.0
-
cpe:2.3:a:naver:ngrinder:3.0.1
-
cpe:2.3:a:naver:ngrinder:3.0.2
-
cpe:2.3:a:naver:ngrinder:3.0.3
-
cpe:2.3:a:naver:ngrinder:3.0.4
-
cpe:2.3:a:naver:ngrinder:3.1
-
cpe:2.3:a:naver:ngrinder:3.1.1
-
cpe:2.3:a:naver:ngrinder:3.1.2
-
cpe:2.3:a:naver:ngrinder:3.1.3
-
cpe:2.3:a:naver:ngrinder:3.2
-
cpe:2.3:a:naver:ngrinder:3.2.1
-
cpe:2.3:a:naver:ngrinder:3.2.2
-
cpe:2.3:a:naver:ngrinder:3.2.3
-
cpe:2.3:a:naver:ngrinder:3.3
-
cpe:2.3:a:naver:ngrinder:3.4
-
cpe:2.3:a:naver:ngrinder:3.4.1
-
cpe:2.3:a:naver:ngrinder:3.4.2
-
cpe:2.3:a:naver:ngrinder:3.4.3
-
cpe:2.3:a:naver:ngrinder:3.4.4
-
cpe:2.3:a:naver:ngrinder:3.5.0
-
cpe:2.3:a:naver:ngrinder:3.5.1
-
cpe:2.3:a:naver:ngrinder:3.5.2
-
cpe:2.3:a:naver:ngrinder:3.5.3
-
cpe:2.3:a:naver:ngrinder:3.5.4
-
cpe:2.3:a:naver:ngrinder:3.5.5
-
cpe:2.3:a:naver:ngrinder:3.5.6
-
cpe:2.3:a:naver:ngrinder:3.5.7
-
cpe:2.3:a:naver:ngrinder:3.5.8