VYPR

xPost

by Cayin

CVEs (1)

  • CVE-2020-7356CriAug 6, 2020
    risk 0.04cvss 10.0epss 0.14

    CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinder_seqid' in wayfinder_meeting_input.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate…