| |
Vulnerability CVE-2024-31845
Published: 2024-05-21
| Description: |
An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly neutralizes output that is written to logs. The web application writes logs using a GET query string parameter. This parameter can be modified by an attacker, so that every action he performs is attributed to a different user. This can be exploited without authentication. |
References: |
https://www.gruppotim.it/it/footer/red-team.html
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|