From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability ID: JVNDB-2024-000109 2. Vulnerability Name: baserCMS plugin "BurgerEditor" vulnerable to directory listing 3. Summary: - Describes a directory listing vulnerability in the baserCMS plugin "BurgerEditor". - By appending specific strings to the URL, an attacker can retrieve a list of uploaded files. - Using the information from the list, the actual uploaded files can also be accessed. 4. CVSS V3 Severity: - Base Metrics: 5.3 (Medium) [IPA Score] - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Confidentiality Impact: Low - Integrity Impact: None - Availability Impact: None 5. Affected Products: - D-ZERO CO., LTD. - BurgerEditor (v2) versions prior to v2.25.1 - BurgerEditor Limited Edition versions prior to v2.25.1 6. Impact: - Uploaded files on websites using the plugin can be listed and accessed without authentication. 7. Solution: - Update the plugin. - Update the plugin according to information provided by the developer. - The developer has released the following versions to fix this vulnerability: - BurgerEditor (v2) v2.25.1 - BurgerEditor Limited Edition v2.25.1 8. Reference Links: - JVN: JVN#54676967 9. Revision History: - October 10, 2024: Webpage published This information provides a detailed description of the vulnerability, its scope of impact, mitigation steps, and reference links, aiding in understanding and responding to the vulnerability.