Vulnerabilities

CVE-2023-6342

by Fred · 30/11/2023

Tyler Technologies Court Case Management Plus allows a remote attacker to authenticate as any user by manipulating at least the ‘CmWebSearchPfp/Login.aspx?xyzldk=’ and ‘payforprint_CM/Redirector.ashx?userid=’ parameters. The vulnerable "pay for print" feature was removed on or around 2023-11-01.

Date published : 2023-11-30

https://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md

Security flaws in court record systems used in five US states exposed sensitive legal documents

Similar

Tags: Cybersecurity Alert