Authentication flaw

2021-04-1414:15:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON

Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities.

CPENameOperatorVersion
appspaceeq6.2.4

CPE	Name	Operator	Version
	appspace	eq	6.2.4

References

appspace.com

github.com/syedsohaibkarim/PoC-BrokenAuth-AppSpace6.2.4