2 matches found
CVE-2020-7169
A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...
CVE-2020-7169
Affected product : HPE Intelligent Management Center (iMC). Vulnerability class : ictExpertCSVDownload expression language injection leading to remote code execution. Root cause : improper handling of the beanName parameter in ictExpertCSVDownload.xhtml, allowing crafted input to be evaluated as ...