CVE-2019-15032 – Pydio 6.0.8 mishandles error reporting when a directory allows unauthenticated uploads, an …

Vuln ID: CVE-2019-15032

Published:  2019-09-19  17:15:12Z

Description: Pydio 6.0.8 mishandles error reporting when a directory allows unauthenticated uploads, and the remote-upload option is used with the http://localhost:22 URL. The attacker can obtain sensitive information such as the name of the user who created that directory and other internal server information.

Source: NVD.NIST.GOV

 

Tags