CVE-2019-16354

MEDIUM4.7EPSS 0.03%

Incorrect permissions for critical resource in github.com/astaxie/beego

Published: 8/2/2021Modified: 5/20/2024

Description

Session data is stored using permissive permissions, allowing local users with filesystem access to read arbitrary data.

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM4.7	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N