Описание
A vulnerability has been discovered in Cegid Meta4 HR that consists of execution after redirect. This vulnerability could allow an attacker to bypass the security measures of the applications by accessing the webappconfig.jsp file directly and canceling the redirect request, leading to the configuration file inside the application, in which an attacker could modify different parameters.
A vulnerability has been discovered in Cegid Meta4 HR that consists of execution after redirect. This vulnerability could allow an attacker to bypass the security measures of the applications by accessing the webappconfig.jsp file directly and canceling the redirect request, leading to the configuration file inside the application, in which an attacker could modify different parameters.
Связанные уязвимости
The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file paths to the client, who can be an attacker. Instead of rewriting these pages to avoid this vulnerability, they will be dismissed from future releases of Cegid Meta4 HR, as they do not offer product functionality