CVE-2016-1595

2016-04-22T06:59:02
ID CVE-2016-1595
Type cve
Reporter NVD
Modified 2016-12-02T22:21:10

Description

LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to conduct Hibernate Query Language (HQL) injection attacks and obtain sensitive information via the entityName parameter.