5 matches found
CVE-2019-12783
creationtimestamp| type| source ---|---|--- 2020-07-15 00:46:06+00:00| exploited| https://t.me/VulnerabilityNews/15891 2020-07-15 00:55:07+00:00| seen| https://t.me/cibsecurity/13469 2020-07-15 00:55:08+00:00| seen| https://t.me/cibsecurity/13470...
Code injection
An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and...
CVE-2019-12783
An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site,...
CVE-2019-12783
CVE-2019-12783 (Verint Impact 360 15.1) is an open redirect at wfo/control/signin where the rd parameter can accept a URL, enabling redirection after login. When paired with CVE-2019-12784 (external submissions in the login form), this can be used to crowdsource bruteforce login attempts on the t...
Verint Impact 360 15.1 Open Redirect
!-- Exploit Title: Verint Impact 360 onLogin open redirect Date: 7-13-2020 Exploit Author: Ryan Delaney Author Contact: [email protected] Author LinkedIn: https://www.linkedin.com/in/infosecrd/ Vendor Homepage: https://www.verint.com/ Software Link:...