Skip to content

External control of configuration setting in the dashboard

High
matks published GHSA-mc98-xjm3-c4fm Jul 2, 2020

Package

No package listed

Affected versions

1.6.0.1

Patched versions

1.7.6.6

Description

Impact

The dashboard allows us to rewrite all configuration variables.

Patches

The problem is fixed in 1.7.6.6

References

CWE-15: External Control of System or Configuration Setting

Severity

High

CVE ID

CVE-2020-15082

Weaknesses

No CWEs