CVE-2020-13525 – The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTabl …

3 December 2020

Vuln ID: CVE-2020-13525

Published: 2020-12-03 18:15:10Z

Description: The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in ProcessMaker 3.4.11. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Source: NVD.NIST.GOV

Date:

3 December 2020

Categorie(s):

NVD

Tag(s):

NVD

What is ThreatLocker Cybersecurity Used For & How to Protect Your Digital Future?25 April 2024
Zombie worm continues to infect millions of IPs years after it was left for dead25 April 2024
How to Avoid Romance Scams 25 April 2024
Net neutrality has been restored25 April 2024
Cyberattacks on Poland surged after election of pro-Ukraine government, NetScout says25 April 2024