ClipSoft REXPERT 1.0.0.527 and previous versions version allows remote malicious user to upload arbitrary local file via the ActiveX method in RexViewerCtrl30.ocx. That could lead to disclosure of sensitive information. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clipsoft rexpert |