Metersphere: >> Metersphere >> 2.10.10 Security Vulnerabilities
MeterSphere is a test management and interface testing tool. In affected versions users without workspace permissions can view functional test cases of other workspaces beyond their authority. This issue has been addressed in version 2.10.15-lts. Users of MeterSphere are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Score
3.5
EPSS Score
0.002
Published
2024-05-30
MeterSphere is an open source continuous testing platform. Prior to version 2.10.14-lts, members without space permissions can view member information from other workspaces beyond their authority. Version 2.10.14-lts fixes this issue.
CVSS Score
5.7
EPSS Score
0.0
Published
2024-04-25