CVE-2020-11593

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request with injected HTML data that is later leveraged to send emails from a customer trusted email address.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:cipplanner:cipace:*:*:*:*:*:*:*:*

Information

Published : 2020-04-06 15:15

Updated : 2020-04-07 09:17


NVD link : CVE-2020-11593

Mitre link : CVE-2020-11593


JSON object : View

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Advertisement

dedicated server usa

Products Affected

cipplanner

  • cipace