Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter.
References
Link | Resource |
---|---|
https://zuso.ai/Advisory/ZA-2023-06 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ZUSO ART
Published: 2023-10-17T04:00:28.128Z
Updated: 2023-10-17T04:00:28.128Z
Reserved: 2023-05-30T09:41:32.477Z
Link: CVE-2023-34209
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-17T05:15:50.207
Modified: 2023-10-20T18:09:35.410
Link: CVE-2023-34209
JSON object: View
Redhat Information
No data.
CWE