CVE-2019-12395

Publication date

2019-05-28 12:41:32

Family

mitre

State

PUBLISHED

Description

In Webbukkit Dynmap 3.0-beta-3 or below, due to a missing login check in servlet/MapStorageHandler.java, an attacker can see a map image without login even if victim enables login-required in setting.