Vulnerabilities > Bigtreecms > Bigtree > 4.3

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-23	CVE-2018-20405	Authorization Bypass Through User-Controlled Key vulnerability in Bigtreecms Bigtree 4.3 BigTree 4.3 allows full path disclosure via authenticated admin/news/ input that triggers a syntax error. network low complexity bigtreecms CWE-639	2.7

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.