CVE-2023-6353
Tyler Technologies Civil and Criminal Electronic Filing Upload.aspx allows authentication bypass
Tyler Technologies Civil and Criminal Electronic Filing allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the Upload.aspx 'enky' parameter.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
Tyler Technologies · Civil and Criminal Electronic FilingQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.mdhttps://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systemshttps://www.tylertech.com/solutions/courts-public-safety/courts-justice