An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, anyone can add a vendor account or read existing vendor account data (including usernames and passwords).
CPE | Name | Operator | Version |
---|---|---|---|
personify360 | eq | 7.5.2 | |
personify360 | eq | 7.6 | |
personify360 | eq | 7.6.1 |