|CVSS SCORE||5.3, (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)|
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the processing of HTTP parameters. A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition.
Fixed in version 3.1.4-033e292
|CREDIT||Asif Akbar of Trend Micro Security Research