CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Weaver: >> E-Cology Security Vulnerabilities

CVE-2019-10272

An issue was discovered in Weaver e-cology 9.0. There is a CRLF Injection vulnerability via the /workflow/request/ViewRequestForwardSPA.jsp isintervenor parameter, as demonstrated by the %0aSet-cookie: substring.

CVSS Score

6.1

EPSS Score

0.003

Published

2019-04-30

Page 2

Vulnerabilities

Vulnerable Software

Weaver: >> E-Cology Security Vulnerabilities

Products

Pricing

Contact Us