CVE-2020-24985

Published: 2021-03-15T18:15Z

Last Modified: 2024-11-21T05:16Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retrieve and execute external files or payloads. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt