The LISTSERV 17 web interface allows remote malicious users to conduct Insecure Direct Object References (IDOR) attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lsoft listserv 17.0 |