An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with client_key and device_id data in the query string, which allows attackers to obtain sensitive information by reading web-server logs.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-05-18T04:42:22
Updated: 2024-08-04T12:11:19.096Z
Reserved: 2020-05-18T00:00:00
Link: CVE-2020-13129
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-05-18T05:15:14.620
Modified: 2021-08-12T17:48:53.993
Link: CVE-2020-13129
Redhat
No data.