Remote File Manipulation in Tyler Technologies Magistrate Court Case Management Plus
CVE-2023-6354 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Tyler Technologies Magistrate Court Case Management Plus allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the PDFViewer.aspx 'filename' parameter.
Learn more about our Web Application Penetration Testing UK.