Bypassing Authentication in EasyVista Single Sign-On Implementation
CVE-2012-1256 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The single sign-on (SSO) implementation in EasyVista before 2010.1.1.89 allows remote attackers to bypass authentication via a modified url_account parameter, in conjunction with a valid login name in the SSPI_HEADER parameter, to index.php.
Learn more about our Web Application Penetration Testing UK.