CVE-2020-24570 in mymbCONNECT24información

Resumen

por MITRE • 2020-10-04

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a CSRF issue (with resultant SSRF) in the com_mb24proxy module, allowing attackers to steal session information from logged-in users with a crafted link.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservar

2020-08-21

Divulgación

2020-10-04

Moderación

aceptado

Artículo

VDB-162120

CPE

listo

EPSS

0.00478

KEV

no

Actividades

muy bajo

Fuentes

Interested in the pricing of exploits?

See the underground prices here!