CVE-2020-14982

CVE-2020-14982

A Blind SQL Injection vulnerability in Kronos WebTA 3.8.x and later before 4.0 (affecting the com.threeis.webta.H352premPayRequest servlet’s SortBy parameter) allows an attacker with the Employee, Supervisor, or Timekeeper role to read sensitive data from the database.

Source: CVE-2020-14982

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다