2 matches found
Encore Discovery Solution Multiple Vulnerability Disclosure
Product: Encore Discovery Solution Vendor: Innovative Interfaces Inc Vulnerable Version: 4.3 Tested Version: 4.3 Vendor Notification: June 19, 2014 Public Disclosure: August 26, 2014 Vulnerability Type: Open Redirect CWE-601 CVE Reference: CVE-2014-5127 Risk Level: Medium CVSSv2 Base Score: 4.3...
CVE-2014-5128
The vulnerability CVE-2014-5128 affects Encore Discovery Solution 4.3 from Innovative Interfaces Inc. The advisory details that the product “places a session token in the URI,” exposing the session token via GET parameters and creating potential information leakage through unspecified vectors. Th...