Fusionauth
Monthly
FusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in FusionAuth before 1.11.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
FusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in FusionAuth before 1.11.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.