Security Advisory

CVE-2022-25336

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-18 17:49:08

Last updated 2024-08-03 04:36:06

Assigner mitre

State PUBLISHED

Description

Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced.

← Browse all CVEs View on cve.org ↗