Gladysassistant: Security Vulnerabilities
Gladys Assistant v4.27.0 and prior is vulnerable to Directory Traversal. The patch of CVE-2023-43256 was found to be incomplete, allowing authenticated attackers to extract sensitive files in the host machine.
CVSS Score
6.5
EPSS Score
0.005
Published
2023-12-07
A path traversal in Gladys Assistant v4.26.1 and below allows authenticated attackers to extract sensitive files in the host machine by exploiting a non-sanitized user input.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-09-25