Zend - Zendto CVE

Filtered by vendor Zend Subscribe

Filtered by product Zendto

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-8986	1 Zend	1 Zendto	2020-03-27	7.5 HIGH	9.8 CRITICAL
lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly check for equality when validating the session cookie, allowing an attacker to gain administrative access with a large number of requests.

Vulnerabilities (CVE)