1 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

A vulnerability classified as critical has been found in Software AG WebMethods 10.11.x/10.15.x. Affected is an unknown function of the file wm.server/connect/. The manipulation leads to improper access controls. It is possible to launch the attack remotely. To access a file like /assets/ a popup may request username and password. • https://vuldb.com/?ctiid.247158 https://vuldb.com/?id.247158 • CWE-284: Improper Access Control •