Security Advisory

CVE-2024-9982

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-15 08:04:36

Last updated 2024-10-15 13:50:03

Assigner twcert

State PUBLISHED

Description

AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query parameter. When the LINE Campaign Module is enabled, unauthenticated remote attackers can inject arbitrary FetchXml commands to read, modify, and delete database content.

← Browse all CVEs View on cve.org ↗