Vulnerability CVE-2016-10524


Published: 2018-05-31

Description:
i18n-node-angular is a module used to interact between i18n and angular without using additional resources. A REST API endpoint that is used for development in i18n-node-angular before 1.4.0 was not disabled in production environments a malicious user could fill up the server causing a Denial of Service or content injection.

Type:

CWE-74

CVSS2 => (AV:N/AC:M/Au:S/C:N/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.9/10
4.9/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
None
Partial
Partial
Affected software
I18n-node-angular project -> I18n-node-angular 

 References:
https://github.com/oliversalzburg/i18n-node-angular/commit/877720d2d9bb90dc8233706e81ffa03f99fc9dc8
https://nodesecurity.io/advisories/80

Copyright 2024, cxsecurity.com

 

Back to Top