vendor:
Wiser
by:
5.5
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: Wiser
Affected Version From: 2.1
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Wiser Information Disclosure Vulnerability
Wiser is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to download backup files that contain sensitive information. Information harvested may aid in launching further attacks.
Mitigation:
To mitigate this vulnerability, it is recommended to ensure that user-supplied data is properly validated and sanitized before being used in any operations that could lead to information disclosure.