Skip to main content

Xmpp Http Upload

1 CVEs product

Monthly

CVE-2020-15239 PyPI LOW PATCH Monitor

In xmpp-http-upload before version 0.4.0, when the GET method is attacked, attackers can read files which have a `.data` suffix and which are accompanied by a JSON file with the `.meta` suffix. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Information Disclosure Path Traversal Xmpp Http Upload
NVD GitHub
CVSS 3.1
3.5
EPSS
1.5%
EPSS 1% CVSS 3.5
LOW PATCH Monitor

In xmpp-http-upload before version 0.4.0, when the GET method is attacked, attackers can read files which have a `.data` suffix and which are accompanied by a JSON file with the `.meta` suffix. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Information Disclosure Path Traversal Xmpp Http Upload
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy