Vulnerability CVE-2024-3774
Published: 2024-04-15

Description:
aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values lacks proper restrictions on a specific parameter, allowing attackers to modify this parameter to access certain sensitive system configuration values.

Type:

CWE-200

 (Information Exposure)

 References:
https://www.twcert.org.tw/tw/cp-132-7724-c28d3-1.html
Copyright 2024, cxsecurity.com

 

Back to Top