CVE-2016-1595

CVE-2016-1595

LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to conduct Hibernate Query Language (HQL) injection attacks and obtain sensitive information via the entityName parameter.

Source: CVE-2016-1595

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다