Remote File Manipulation in Tyler Technologies Magistrate Court Case Management Plus

CVE-2023-6354 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Tyler Technologies Magistrate Court Case Management Plus allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the PDFViewer.aspx 'filename' parameter.

Learn more about our Web Application Penetration Testing UK.