What the vulnerability does
01Description
Insertion of Sensitive Information Into Sent Data vulnerability in Essekia Tablesome tablesome allows Retrieve Embedded Sensitive Data.This issue affects Tablesome: from n/a through <= 1.1.35.1.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
What the vulnerability does
Insertion of Sensitive Information Into Sent Data vulnerability in Essekia Tablesome tablesome allows Retrieve Embedded Sensitive Data.This issue affects Tablesome: from n/a through <= 1.1.35.1.
Explanation of Vulnerability in Simple Terms
Tablesome versions up to 1.1.35.1 expose sensitive information to authenticated users with low privileges. An attacker with a basic user account can read data they should not have access to due to insufficient access controls. The vulnerability affects the scope beyond the vulnerable component. Update to version 1.2.9 or later to remediate.
What an attacker can do
Read sensitive data belonging to other users or restricted areas of the application.
Potential impact on your site
User data and restricted information may be exposed to any authenticated user, compromising privacy and confidentiality.
Conditions required to exploit
Attacker must have a low-privilege user account on the site; no special interaction required.
Key dates
External resources