RSS   Podatności dla 'Ektron cms'   RSS

2018-10-10
 
CVE-2018-12596

CWE-269
 

 
Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins).

 

 >>> Vendor: Episerver 4 Produkty
Episerver cms
Episerver
Ektron cms
FIND


Copyright 2024, cxsecurity.com

 

Back to Top