ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables…
GitHub_M·CWE-1295·Published 2024-06-25
ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22.
ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22.
### Impact Debug information can reveal sensitive information from environment variables in error log ### Affected platform Laravel environments with multi-vendor setups and admin access for the vendors
### Impact Debug information can reveal sensitive information from environment variables in error log ### Affected platform Laravel environments with multi-vendor setups and admin access for the vendors
ai-client-html es un componente del cliente HTML de comercio electrónico de Aimeos. La información de depuración reveló información confidencial de las variables de entorno en el registro de errores. Este problema se solucionó en las versiones 2024.04.7, 2023.10.15, 2022.10.13 y 2021.10.22.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 8.8 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 8.8 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Secondary | NVD | 8.8 | 2.8 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Secondary | GHSA | 8.8 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |