8x8: SQL injection (stacked queries) in the export to Excel functionality on Vidyo Server

2020-07-13T14:13:52
ID H1:922567
Type hackerone
Reporter b1ackgamba
Modified 2020-07-29T17:07:56

Description

An abandoned Vidyo server was found to be vulnerable to SQL injection and exposing access to the associated local database. The Vidyo server was retired.