CVE-2023-0241Path Traversal in 4

CWE-22Path Traversal4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.6%
top 31.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Pgadmin 4
Timeline
PublishedMar 27

Description

pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDpgadmin/pgadmin_4< 6.19
CVEListV5pgadmin/pgadmin_4pgadmin 6.19

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
CVEList
CVE-2023-0241: pgAdmin 4 versions prior to v62023-03-27
GHSA
pgAdmin 4 vulnerable to directory traversal2023-03-27
OSV
pgAdmin 4 vulnerable to directory traversal2023-03-27
CVE-2023-0241 — Path Traversal in Pgadmin 4 | cvebase