Vulnerability in N/a

CVE-2022-47075

An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx.

EPSS: 0.921 (99.7th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References