| TVN ID | TVN-202207005 |
|---|---|
| CVE ID | CVE-2022-35221 |
| CVSS | 5.4 (Medium) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
| Affected Products | Teamplus Pro私有雲版本 <= v3.011.6.0.1 |
| Description | Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’ vulnerability on thread subject field. A remote attacker with general user privilege posting a thread subject with large content can cause the server to allocate too much memory, leading to missing partial post content and disrupt partial service. |
| Solution | Contact tech support from TEAMPLUS. |
| Credit | RayHong (CCoE) |
| Public Date | 2022-07-29 |
:::