2 matches found
CVE-2020-28031
eramba through c2.8.1 allows HTTP Host header injection with for example resultant wkhtml2pdf PDF printing by authenticated users...
CVE-2020-28031
CVE-2020-28031 affects eramba up to version 2.8.1, where HTTP Host header injection is possible. The impact described is that authenticated users can leverage wkhtml2pdf to print PDFs due to this header manipulation. The provided connected sources confirm the vulnerability description but do not ...