What the vulnerability does
01Description
Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through <= 1.4.3.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through <= 1.4.3.
Explanation of Vulnerability in Simple Terms
AppExperts versions 1.4.3 and earlier expose sensitive information through improper access controls. An attacker on the network can retrieve confidential data without authentication or user interaction. The vulnerability affects the application's information disclosure mechanisms, allowing unauthorized access to low-sensitivity data.
What an attacker can do
Read sensitive information from the application without logging in.
Potential impact on your site
Confidential data may be exposed to unauthenticated attackers over the network.
Conditions required to exploit
Network access to the application; no authentication required.
Key dates
External resources