Critical severity9.8NVD Advisory· Published Jul 9, 2018· Updated Jun 17, 2026
CVE-2018-13791
CVE-2018-13791
Description
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter.
Affected products
1- Range: <12 Release 1 Update 7
Patches
Vulnerability mechanics
References
1- abbyydownloads.com/fc12/PreviousReleaseNotes/ReleaseNotes_FC12_R1_U3_1299.18_build_12.0.1.516.pdfnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.