2 matches found
CVE-2019-25020
CVE-2019-25020 affects Scytl sVote 2.1. The root cause is an unauthenticated sdm-ws-rest API that allows retrieving administrative configuration by sending a POST to /sdm-ws-rest/preconfiguration. The impact is exposure of admin configuration (confidentiality impact noted as HIGH in CVSS 3.1). Ex...
Scytl sVote 访问控制错误漏洞
Scytl sVote is a Spanish Scytl open source application. Provides voters to vote online. A security vulnerability exists in Scytl sVote 2.1, which can be exploited by an attacker to retrieve the administrative configuration by sending a POST request to the sdm-ws-rest pre-configured URI...