CVE-2020-8592

by Fred · 03/02/2020

eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet (aka the Forgot Password feature).

Date published : 2020-02-03