Lucene search
+L

5 matches found

OSV
OSV
added 2018/10/10 9:29 p.m.6 views

CVE-2018-12596

Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden normally available exclusively for local...

9.8CVSS5.8AI score0.22379EPSS
Exploits5References4
NVD
NVD
added 2018/10/10 9:29 p.m.32 views

CVE-2018-12596

Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden normally available exclusively for local...

9.8CVSS9.2AI score0.22379EPSS
Exploits5References4
Prion
Prion
added 2018/10/10 9:29 p.m.19 views

Design/Logic Flaw

Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden normally available exclusively for local...

7.5CVSS9.2AI score0.22379EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2018/10/10 9:0 p.m.37 views

CVE-2018-12596

Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden normally available exclusively for local...

9.3AI score0.22379EPSS
Exploits5References4
CVE
CVE
added 2018/10/10 9:0 p.m.81 views

CVE-2018-12596

CVE-2018-12596 affects Episerver/Ektron CMS (notably version 9.20 SP2) where remote attackers can reach the activateuser.aspx page, even when located under /WorkArea/ (normally restricted to local admins). The vulnerability is caused by improper access restrictions, permitting unauthorized enabli...

9.8CVSS9.1AI score0.22379EPSS
Exploits5References4Affected Software1
Rows per page
Query Builder