RSS   Vulnerabilities for 'E-cology'   RSS

2019-04-30
 
CVE-2019-10272

CWE-93
 

 
An issue was discovered in Weaver e-cology 9.0. There is a CRLF Injection vulnerability via the /workflow/request/ViewRequestForwardSPA.jsp isintervenor parameter, as demonstrated by the %0aSet-cookie: substring.

 

 >>> Vendor: Weaver 2 Products
E-cology
Eteams oa


Copyright 2019, cxsecurity.com

 

Back to Top