ZOOM on-premise Meeting Connector 输入验证错误漏洞

ZOOM on-premise Meeting Connector is a meeting connector from Zoom ZOOM USA. A security vulnerability exists in versions prior to ZOOM On-Premise Meeting Connector Controller 4.6.358.20210205, which stems from the zone controller service failing to validate the cnt field sent in incoming network...

Code injection

Addalink 1.0 beta 4 and earlier allows remote attackers to 1 approve web-site additions via a modified approved field and 2 change the visit-counter value via a modified counter field...