CVE-2023-50786 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Dradis through 4.16.0 allows referencing external images (resources) over HTTPS, instead of forcing the use of embedded (uploaded) images. This can be leveraged…
Medium CVSS: 4.1

CVE-2023-50786

Dradis through 4.16.0 allows referencing external images (resources) over HTTPS, instead of forcing the use of embedded (uploaded) images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network.
Vendor
Dradisframework
Product
Dradis
CWE
CWE-294
Yayın Tarihi
2025-07-05 04:15:24
Güncelleme
2025-11-07 01:11:54
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-294 Dradis MEDIUM Dradisframework 2025

Referanslar

https://dradis.com/ https://dradis.com/ce https://securiteam.io/2025/07/04/cve-2023-50786-dradis-ntlm-theft-vulnerability/ https://securiteam.io/2025/07/04/cve-2023-50786-dradis-ntlm-theft-vulnerability/