CVE-2020-7993

CVE-2020-7993

EPSS 0.7%

Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation (on behalf of other user accounts) via a modified email ID field.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/prototypejs/prototype/blob/master/CHANGELOG https://medium.com/%40vbharad/improper-access-control-vulnerability-in-prototype-1-6-0-1-framework-379cc3a05079