RSS   Vulnerabilities for 'Agilepoint nx'   RSS

2022-07-06
 
CVE-2022-30619

CWE-89
 

 
Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the parameter: EncodedData

 


Copyright 2024, cxsecurity.com

 

Back to Top