Local File Inclusion Vulnerability in Appalti & Contratti 9.12.2

Local File Inclusion Vulnerability in Appalti & Contratti 9.12.2

CVE-2022-44786 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This affects ApriPagina.do POST and GET requests to each application.

Learn more about our Web App Pen Testing.