CVE-2019-11488

CVE-2019-11488

Incorrect Access Control in the Account Access / Password Reset Link in SimplyBook.me Enterprise before 2019-04-23 allows Unauthorized Attackers to READ/WRITE Customer or Administrator data via a persistent HTTP GET Request Hash Link Replay, as demonstrated by a login-link from the browser history.

Source: CVE-2019-11488

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다