CVE-2022-31260

MEDIUM6.5EPSS 24.8%

Published: 3/6/2024Modified: 3/6/2024

Description

In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows attackers to export collection metadata via a non-NULL k value.

Affected packages (1)

Bitnami/resourcespacefrom 0, < 9.8.0 | >= 9.8.0, <= 9.8.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

References (2)

WEBhttps://github.com/grymer/CVE/blob/master/CVE-2022-31260.md
WEBhttps://www.resourcespace.com