polkaman

Block or report user

Report or block polkaman

Contact Support about this user’s behavior.

Learn more about reporting abuse

View GitHub Profile

Sort: Recently created

Sort options

Recently created Least recently created Recently updated Least recently updated

polkaman / txt

Created Jul 9, 2019

CVE-2019-13337-13338 descriptions

      
        CVE-2019-13337
      
            [Description]
      
            In WESEEK GROWI before 3.5.0, the site-wide basic authentication can
      
            be bypassed by adding a URL parameter access_token (this is the
      
            parameter used by the API). No valid token is required since it is not
      
            validated by the backend. The website can then be browsed as if no
      
            basic authentication is required.

You can’t perform that action at this time.