PT-2022-18729 · Cynet · Cynet 360 Web Portal

Name of the Vulnerable Software and Affected Versions: Cynet 360 Web Portal versions prior to 4.5 Description: The issue allows attackers to access a list of decoy users via a crafted GET request sent to "/WebApp/DeceptionUser/GetAllDeceptionUsers". Recommendations: For versions prior to 4.5,...