CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
Confidence: High
EPSS Percentile: 15.8%
Design document functions that receive the user's HTTP request object may
expose the authorization or session cookie headers of the user who accesses the
document. The affected design document functions are:
* list
* show
* rewrite
* update
An attacker can leak the session component through HTML-like output, insert
the session as an external resource (such as an image), or store the credential
in a _local document with an "update" function. For the attack to succeed, the
attacker must be able to insert design documents into the database and then
manipulate a user into accessing a function from that design document.
Workaround: avoid using design documents from untrusted sources, which may
attempt to access or manipulate the request object's headers.
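The workaround above calls for auditing design documents before trusting them. The following audit helper is an added example, not code from the advisory or the affected project; it assumes the CouchDB-style design-document layout (`shows`, `lists`, `updates`, `rewrites`) and request object (`req.headers`, `req.cookie`), which the advisory does not name explicitly, and flags any function of the four affected kinds whose source reads header or cookie data from the request.

```javascript
// Added audit helper (not part of the original advisory). Assumes the
// CouchDB design-document layout and request object fields `headers`/`cookie`.
const AFFECTED_KINDS = ["shows", "lists", "updates", "rewrites"];

// Source patterns that read header or cookie material off the request object.
const SENSITIVE_ACCESS = [
  /\breq(?:uest)?\s*\.\s*headers\b/,
  /\breq(?:uest)?\s*\[\s*['"]headers['"]\s*\]/,
  /\breq(?:uest)?\s*\.\s*cookie\b/,
  /\breq(?:uest)?\s*\[\s*['"]cookie['"]\s*\]/,
  /\bheaders\s*(?:\.\s*|\[\s*['"])(?:Cookie|Authorization)\b/i,
];

// Normalise one design-doc section into [label, source] pairs. shows/lists/
// updates map names to function strings; rewrites may be one function string
// or an array of declarative rule objects, which carry no code to inspect.
function functionSources(kind, value) {
  if (typeof value === "string") return [[kind, value]];
  if (Array.isArray(value) || value === null || typeof value !== "object") return [];
  return Object.entries(value).map(([name, src]) => [`${kind}/${name}`, String(src)]);
}

// Returns one finding per affected function whose source touches request
// headers or cookies; an empty array means nothing suspicious was found.
function auditDesignDoc(ddoc) {
  const findings = [];
  for (const kind of AFFECTED_KINDS) {
    if (!(kind in ddoc)) continue;
    for (const [label, src] of functionSources(kind, ddoc[kind])) {
      const hit = SENSITIVE_ACCESS.find((re) => re.test(src));
      if (hit) findings.push({ function: label, pattern: hit.source });
    }
  }
  return findings;
}

// Constructed sample design document (hypothetical) used to exercise the audit.
const SAMPLE_DDOC = {
  _id: "_design/audit-demo",
  shows: {
    safe: "function(doc, req) { return { body: doc.title }; }",
    echo: "function(doc, req) { return { body: JSON.stringify(req.headers) }; }",
  },
  updates: {
    stash: "function(doc, req) { return [{ _id: '_local/x', c: req.cookie }, 'ok']; }",
  },
  views: { byTitle: { map: "function(doc) { emit(doc.title, null); }" } },
};
```

Run the audit over every `_design/` document pulled from a database and treat any finding as a reason to reject or review that design document before it is deployed.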