MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 does not check “the additional environment security configuration,” which allows remote attackers with write permissions to reorder components.
CPE | Name | Operator | Version |
---|---|---|---|
c1_financial_services | eq | 9.1.4 |