What the vulnerability does
01Description
Debug Messages Revealing Unnecessary Information vulnerability in TLA Media GTM Kit gtm-kit allows Retrieve Embedded Sensitive Data.This issue affects GTM Kit: from n/a through <= 2.4.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
What the vulnerability does
Debug Messages Revealing Unnecessary Information vulnerability in TLA Media GTM Kit gtm-kit allows Retrieve Embedded Sensitive Data.This issue affects GTM Kit: from n/a through <= 2.4.0.
Explanation of Vulnerability in Simple Terms
GTM Kit versions 2.4.0 and earlier contain a flaw that allows unauthenticated attackers to read sensitive data from the affected site over the network. No user interaction is required. The vulnerability does not allow modification or deletion of data, only unauthorized access to confidential information.
What an attacker can do
Read sensitive data from the site without authentication.
Potential impact on your site
Confidential information may be exposed to anyone on the internet without your knowledge or consent.
Conditions required to exploit
Network access to the site; no authentication or user interaction required.
Key dates
External resources