Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-26261

Disclosure Date: March 08, 2023 (last updated February 24, 2025)
In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user. The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0