Security Advisory
CVE-2021-27963
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin). An anonymous user can send a POST request to /User/saveUser without any authentication or session header.