In Montala ResourceSpace up to and including 9.8 before r19636, csv_export_results_metadata.php allows malicious users to export collection metadata via a non-NULL k value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
montala resourcespace |
||
montala resourcespace 9.8 |