SSD Advisory – SME Server Unauthenticated XSS To Privileged Remote Code Execution
Credit to Author: SSD / Ori Nimron| Date: Mon, 07 Jan 2019 13:21:59 +0000
Vulnerabilities Summary The following advisory describes a vulnerability in SME Server 9.2, which lets an unauthenticated attackers perform XSS attack that leads to remote code execution as root. SME Server is a Linux distribution for small and medium enterprises by Koozali foundation. CVE CVE-2018-18072 Credit An independent security researcher, Karn Ganeshen has reported this vulnerability … Continue reading SSD Advisory – SME Server Unauthenticated XSS To Privileged Remote Code Execution
Read more