CVE-2019-1877
Cisco Enterprise Chat and Email contains an HTTP API vulnerability in the file-download function due to insufficient authentication, allowing unauthenticated, remote attackers to download files attached in chat sessions. A crafted request to the API can exfiltrate files from other users. Affected...