Remote Code Execution in ShowDoc 2.4.1: Unauthorized Editing of User Notes

Remote Code Execution in ShowDoc 2.4.1: Unauthorized Editing of User Notes

CVE-2018-19620 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified page_id.

Learn more about our User Device Pen Test.