Security Advisory

CVE-2020-15773

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-18 14:04:29
Last updated 2024-08-04 13:22:30
Assigner mitre
State PUBLISHED

Description

An issue was discovered in Gradle Enterprise before 2020.2.4. Because of unrestricted cross-origin requests to read-only data in the Export API, an attacker can access data as a user (for the duration of the browser session) after previously explicitly authenticating with the API.