CVE-2018-19609

ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified page_id, as demonstrated by reading note content, or discovering a username in the JSON data at a diff URL.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:showdoc:showdoc:2.4.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-11-27 16:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-19609

Mitre link : CVE-2018-19609

CVE.ORG link : CVE-2018-19609


JSON object : View

Products Affected

showdoc

  • showdoc
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor