CVE-2023-6354
Tyler Technologies Magistrate Court Case Management Plus PDFViewer.aspx allows authentication bypass
Tyler Technologies Magistrate Court Case Management Plus allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the PDFViewer.aspx 'filename' parameter.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
Tyler Technologies · Magistrate Court Case Management PlusQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.mdhttps://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systemshttps://www.tylertech.com/solutions/courts-public-safety/courts-justice