CVE-2020-14989 · Vexday

CVE-2020-14989

EPSS 0.6%

An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows CSRF if the attacker uses GET where POST was intended.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://tvrbk.github.io/cve/2021/03/09/brXM.html