Unauthenticated Remote File Manipulation in Tyler Technologies Civil and Criminal Electronic Filing

Unauthenticated Remote File Manipulation in Tyler Technologies Civil and Criminal Electronic Filing

CVE-2023-6353 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Tyler Technologies Civil and Criminal Electronic Filing allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the Upload.aspx 'enky' parameter.

Learn more about our Web Application Penetration Testing UK.