3 matches found
CVE-2020-28856
creationtimestamp| type| source ---|---|--- 2020-12-14 20:39:52+00:00| seen| https://t.me/cibsecurity/20752...
CVE-2020-28856
Summary (CVE-2020-28856) OpenAsset Digital Asset Management (DAM) prior to 12.0.20 (Cloud) / 11.4.10 (On‑premise) improperly determines the originating IP from HTTP requests, enabling spoofing via the X-Forwarded-For header (e.g., 127.0.0.1) and bypassing IP‑based access controls. Affected versio...
OpenAsset Digital Asset Management IP Access Control Bypass
Title: IP access control bypass Product: OpenAsset Digital Asset Management by OpenAsset Vendor Homepage: https://www.openasset.com/ Vulnerable Version: 12.0.19 Cloud 11.2.1 On-premise Fixed Version: 12.0.20 Cloud 11.4.10 On-premise CVE Number: CVE-2020-28856 Author: Jack Misiura from The Missing...