CVE-2019-19859

Published: Jan 15, 2020Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The Add Collaborator allows unlimited data via the author parameter, even if the data does not match anything in the database.

Affected (1)

Products: Serpico Project: Serpico

Serpico Project

1 product

Serpico

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Serpico Project Serpico	Version 1.3.0

References (2)

https://www.websec.nl/news.php

Source: cve@mitre.org

PatchThird Party Advisory

https://www.websec.nl/news.php

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

Timeline

No history available yet.