CVE-2019-19859

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-19859

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-19859.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-19859

Published

2020-01-15T23:15:11.963Z

Modified

2026-03-12T23:03:54.918791Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The Add Collaborator allows unlimited data via the author parameter, even if the data does not match anything in the database.

References

https://www.websec.nl/news.php

Affected packages

Git / github.com/serpicoproject/serpico

Affected ranges

Type

GIT

Repo

https://github.com/serpicoproject/serpico

Events

Introduced

Last affected

7d7bc536b4de1f10e1e0feff0e5804150383b917

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.3.0"
        }
    ]
}

Affected versions

1.*

1.0

1.1.0

1.1.1

1.2.1

1.2.2

1.2.2.1

1.3.0

Other

BH2016Alpha

BH2017_1.*

BH2017_1.2.0_Alpha

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-19859.json"