Impact
BY manipulating HTTP queries, a user can inject malicious content in the fields used for the object friendlyname value.
Patches
Fixed in 3.1.1, 3.2.0
References
Credits
Many thanks to @viliald and Haido for their respective reports !
For more information
If you have any questions or comments about this advisory:
Email us at [email protected]
Impact
BY manipulating HTTP queries, a user can inject malicious content in the fields used for the object friendlyname value.
Patches
Fixed in 3.1.1, 3.2.0
References
Credits
Many thanks to @viliald and Haido for their respective reports !
For more information
If you have any questions or comments about this advisory:
Email us at [email protected]