| |
Vulnerability CVE-2020-27414
Published: 2021-12-02
| Description: |
Mahavitaran android application 7.50 and prior transmit sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header, MITM or browser history. |
Type:
CWE-200 (Information Exposure)
CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.3/10 |
2.9/10 |
8.6/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://cvewalkthrough.com/cve-2020-27414-mahavitaran-android-application-insecure-communication-of-sensitive-dat/
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
