Critical severity9.8NVD Advisory· Published Mar 24, 2020· Updated Jun 17, 2026
CVE-2020-8986
CVE-2020-8986
Description
lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly check for equality when validating the session cookie, allowing an attacker to gain administrative access with a large number of requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ZendTo/ZendTodescription
Patches
Vulnerability mechanics
References
1- zend.to/changelog.phpnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.