Severity update as this directly doesn't pose any risk.
parent
7f1b075cf0
commit
3bbcb23cd0
|
@ -3,7 +3,7 @@ id: CVE-2017-5487
|
|||
info:
|
||||
name: WordPress Core < 4.7.1 - Username Enumeration
|
||||
author: Manas_Harsh,daffainfo
|
||||
severity: medium
|
||||
severity: info
|
||||
description: wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.
|
||||
tags: cve,cve2017,wordpress
|
||||
reference: |
|
||||
|
|
Loading…
Reference in New Issue