The notification emails sent by Soar... CVE-2024-5996

- AV AC AU C I A
发布: 2024-10-05
修订: 2024-10-05

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. These emails are sent without using an encrypted transmission protocol. If an attacker intercepts the packets, they can obtain the plaintext session information and use it to log into the system.

0%
暂无可用Exp或PoC
当前有0条受影响产品信息