CVE-2019-10272
CVE-2019-10272 affects Weaver e-cology 9.0. A CRLF injection vulnerability exists in the /workflow/request/ViewRequestForwardSPA.jsp isintervenor parameter, demonstrated by the %0aSet-cookie: substring. CVSS data indicate base scores of 4.3 (CVSS2) and 6.1 (CVSS3) with network access, no authenti...