CVE-2019-8954

2019-02-20T17:29:00
ID CVE-2019-8954
Type cve
Reporter cve@mitre.org
Modified 2019-02-21T14:38:00

Description

In Indexhibit 2.1.5, remote attackers can execute arbitrary code via the v parameter (in conjunction with the id parameter) in a upd_jxcode=true action to the ndxzstudio/?a=system URI.