Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tipask Subscribe
Filtered by product Tipask
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41714 1 Tipask 1 Tipask 2022-06-03 4.0 MEDIUM 6.5 MEDIUM
In Tipask < 3.5.9, path parameters entered by the user are not validated when downloading attachments, a registered user can download arbitrary files on the Tipask server such as .env, /etc/passwd, laravel.log, causing infomation leakage.