Unrated severityNVD Advisory· Published Mar 30, 2020· Updated Aug 4, 2024
CVE-2020-10560
CVE-2020-10560
Description
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the SiteKey to insert into a crafted URL for components/OssnComments/ossn_com.php and/or libraries/ossn.lib.upgrade.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Open Source Social Network/Open Source Social Networkdescription
- Range: <=5.3
Patches
Vulnerability mechanics
References
1- techanarchy.net/blog/cve-2020-10560-ossn-arbitrary-file-readmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.