Docebo Community Edition up to 4.0.5 unrestricted upload

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Docebo Community Edition up to 4.0.5. It has been rated as critical. This issue affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

0	23
1	15

Field

exploit_price_0day	1
vulnerability_cvss3_meta_tempscore	1
vulnerability_cvss3_meta_basescore	1
vulnerability_cvss3_vuldb_tempscore	1
vulnerability_cvss3_vuldb_basescore	1

Commit Conf

90%	23
50%	15

Approve Conf

90%	23
80%	15

ID	Commited	User	Field	Change	Remarks	Accepted	Reason	C
12643223	06/23/2022	VulD...	price_0day	$0-$5k	see exploit price documentation	06/23/2022	accepted	90
12643222	06/23/2022	VulD...	cvss3_meta_tempscore	5.5	see CVSS documentation	06/23/2022	accepted	90
12643221	06/23/2022	VulD...	cvss3_meta_basescore	5.5	see CVSS documentation	06/23/2022	accepted	90
12643220	06/23/2022	VulD...	cvss3_vuldb_tempscore	5.5	see CVSS documentation	06/23/2022	accepted	90
12643219	06/23/2022	VulD...	cvss3_vuldb_basescore	5.5	see CVSS documentation	06/23/2022	accepted	90
12643218	06/23/2022	VulD...	cvss2_vuldb_tempscore	4.9	see CVSS documentation	06/23/2022	accepted	90
12643217	06/23/2022	VulD...	cvss2_vuldb_basescore	4.9	see CVSS documentation	06/23/2022	accepted	90
12643216	06/23/2022	VulD...	cvss3_vuldb_rc	X	derived from historical data	06/23/2022	accepted	80
12643215	06/23/2022	VulD...	cvss3_vuldb_rl	X	derived from historical data	06/23/2022	accepted	80
12643214	06/23/2022	VulD...	cvss3_vuldb_e	X	derived from historical data	06/23/2022	accepted	80
12643213	06/23/2022	VulD...	cvss3_vuldb_pr	L	derived from historical data	06/23/2022	accepted	80
12643212	06/23/2022	VulD...	cvss3_vuldb_ac	L	derived from historical data	06/23/2022	accepted	80
12643211	06/23/2022	VulD...	cvss3_vuldb_av	A	derived from historical data	06/23/2022	accepted	80
12643210	06/23/2022	VulD...	cvss2_vuldb_rc	ND	derived from historical data	06/23/2022	accepted	80
12643209	06/23/2022	VulD...	cvss2_vuldb_rl	ND	derived from historical data	06/23/2022	accepted	80
12643208	06/23/2022	VulD...	cvss2_vuldb_e	ND	derived from historical data	06/23/2022	accepted	80
12643207	06/23/2022	VulD...	cvss2_vuldb_au	S	derived from historical data	06/23/2022	accepted	80
12643206	06/23/2022	VulD...	cvss2_vuldb_ac	M	derived from historical data	06/23/2022	accepted	80
12643205	06/23/2022	VulD...	cvss2_vuldb_av	A	derived from historical data	06/23/2022	accepted	80
12643204	06/23/2022	VulD...	cvss2_vuldb_ai	P	derived from vuldb v3 vector	06/23/2022	accepted	80