CVE-2019-17321

Publication date

2019-10-30 20:42:57

Family

krcert

State

PUBLISHED

Description

ClipSoft REXPERT 1.0.0.527 and earlier version have an information disclosure issue. When requesting web page associated with session, could leak username via session file path of HTTP response data. No authentication is required.