|Category:||Web application abuses|
An attacker could send a POST request to any location on a vulnerable site with the tccj-update parameter
Successful exploitation would allow an attacker to redirect visitors to malvertising sites or steal payment information.
Even worse, it is possible for the attacker to detect when an administrator visits the site and send a request on their behalf to infect files with a backdoor or possibly
create a new, malicious administrator user account leading to takeover of the entire site.
Update to version 1.2.2 or later.
Common Vulnerability Exposure (CVE) ID: CVE-2020-14063|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.