CVE-2021-29394

CVE-2021-29394

Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote authenticated users to change the password of any targeted user accounts via lack of proper authorization in the user-controlled "userID" parameter of the HTTP POST request.

Source: CVE-2021-29394

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다