2 matches found
CVE-2020-8986
CVE-2020-8986 affects ZendTo prior to 5.22-2 Beta. The issue is in lib/NSSDropbox.php where equality is not correctly checked when validating the session cookie, enabling an attacker to gain administrative access with a large number of requests. The Red Hat/NVD entries corroborate the impact and ...
CVE-2020-8986
lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly check for equality when validating the session cookie, allowing an attacker to gain administrative access with a large number of requests...