The PdfServlet-functionality used by the "Tee vakuutustodistus" allows injection of custom PDF-content via CSRF-attack

Disclosed: 2016-09-05 18:19:17 By putsi To localtapiola

Unknown

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 129002
State: Closed
Substate: resolved
Upvotes: 5

Share this report