CVE-2016-1595

2016-04-22T06:59:02
ID CVE-2016-1595
Type cve
Reporter NVD
Modified 2018-10-09T15:59:14

Description

LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to conduct Hibernate Query Language (HQL) injection attacks and obtain sensitive information via the entityName parameter.