2 matches found
CVE-2020-7480
A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists in Andover Continuum All versions, which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data...
CVE-2020-7480
CVE-2020-7480 concerns Andover Continuum (all versions) with a CWE-94 code injection flaw. The vulnerability arises from improper control over code generation during XML data processing, enabling an attacker to view files on the application server filesystem. Connected sources confirm the affecte...