CVE-2022-2815 MEDIUM

CVE-2022-2815: Insecure Storage of Sensitive Information in publify/publify

Vendor Publify
Product publify/publify
Weakness CWE-922
Published January 14, 2023
Last update April 7, 2025

CVSS base score

4.6/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.

Key dates

02Disclosure timeline

January 14, 2023 CVE published
April 7, 2025 Record updated