4 matches found
Cross site scripting
An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200528, 2019R2 before p20200430, and 2020R1 before p20200507. A cross-site scripting XSS vulnerability exists in the login menu...
Server side request forgery (ssrf)
An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery SSRF that allows use of the application as a proxy. Sent to an external server, a forged request discloses application credentials. For a request to ...
CVE-2020-13650
An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery SSRF that allows use of the application as a proxy. Sent to an external server, a forged request discloses application credentials. For a request to ...
CVE-2020-13650
DigDash 2018R2 before p20200210 and 2019R1 before p20200210 are affected by a Server-Side Request Forgery (SSRF) on the login page, allowing use of the application as a proxy. External requests can disclose application credentials; internal requests can be blind, but error messages may indicate w...