Timgreen: >> Python Book >> 1.0 Security Vulnerabilities
The user avatar upload function in python_book V1.0 has an arbitrary file upload vulnerability.
CVSS Score
9.8
EPSS Score
0.011
Published
2024-11-15
python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-11-15