CWE-598
Use of HTTP Request With Sensitive Query String
VariantDraft
Description
The web application uses an HTTP method to process a request, but the request includes sensitive information in the query string.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (41)
page 3 of 3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-6014 | 0.00 | — | 0.01 | Nov 16, 2023 | An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment. |
- CVE-2023-6014Nov 16, 2023risk 0.00cvss —epss 0.01
An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment.