ГлавнаяУязвимости → CVE-2020-36926
7.5высокая

CVE-2020-36926

Описание

SmarterTrack 7922 contains an information disclosure vulnerability in the Chat Management search form that reveals agent identification details. Attackers can access the vulnerable /Management/Chat/frmChatSearch.aspx endpoint to retrieve agents' first and last names along with their unique identifiers.

Затрагиваемое ПО
Smartertools Smartertrack
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://www.exploit-db.com/exploits/50328https://www.smartertools.com/https://www.smartertools.com/smartertrackhttps://www.vulncheck.com/advisories/smartertools-smartertrack-information-disclosurehttps://www.exploit-db.com/exploits/50328