Vulnerabilities > CVE-2020-26220 - Unspecified vulnerability in Touchbase.Ai Project Touchbase.Ai 1.1.0

047910
CVSS 3.5 - LOW
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
touchbase-ai-project

Summary

toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Anyone with access to the uploaded image of other users could obtain its geolocation, device, and software version data etc (if present. The issue is fixed in version 2.0.

Vulnerable Configurations

Part Description Count
Application
Touchbase.Ai_Project
1