Unauthenticated Information Disclosure in CIPPlanner CIPAce 9.1 Build 2019092801
CVE-2020-11591 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the full application path along with the customer name.
Learn more about our Api Penetration Testing.