A RemoteFunctions endpoint with missing access control in konzept-ix publiXone prior to 2020.015 allows malicious users to disclose sensitive user information, send arbitrary e-mails, escalate the privileges of arbitrary user accounts, and have unspecified other impact.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
konzept-ix publixone |