CVE-2019-18956
CVE-2019-18956 affects Divisa Proxia Suite (various 9.x, 10.x versions), SparkSpace, and Proxia PHR. The flaw is remote code execution via untrusted Java deserialization triggered by the insecure handling of the proxia-error cookie in every request. An unauthenticated attacker can craft a seriali...