Arvato Skillpipe 3.0 allows attackers to bypass intended print restrictions by deleting <div id="watermark"> from the HTML source code.
References
Link | Resource |
---|---|
https://twitter.com/GerardFuguet/status/1228462263188758529 | Third Party Advisory |
https://www.exploit-db.com/docs/48175 | Exploit Third Party Advisory VDB Entry |
https://www.youtube.com/watch?v=Ok1UmRFWoLY | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-02-16T20:17:55
Updated: 2020-06-17T12:57:58
Reserved: 2020-02-16T00:00:00
Link: CVE-2020-9013
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-16T21:15:10.727
Modified: 2022-01-01T19:53:55.217
Link: CVE-2020-9013
JSON object: View
Redhat Information
No data.
CWE