Security Advisory

CVE-2020-18741

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-08 16:29:11

Last updated 2024-08-04 14:08:29

Assigner mitre

State PUBLISHED

Description

Improper Authorization in ThinkSAAS v2.7 allows remote attackers to modify the description of any users photo via the "photoid%5B%5D" and "photodesc%5B%5D" parameters in the component "index.php?app=photo."

← Browse all CVEs View on cve.org ↗