Closed SecGus closed 4 years ago
I have found a way to execute commands on the remote server if an attacker can get an administrator to click on a link sent to them, also known as one click RCE.
This attack chain is fairly simple to exploit, and fairly simple to fix.
Let me know if more details are wanted.
Fixed by 967da65e40efbdf31973b8f065de9eabebd3accf and other commits
I have found a way to execute commands on the remote server if an attacker can get an administrator to click on a link sent to them, also known as one click RCE.
This attack chain is fairly simple to exploit, and fairly simple to fix.
Let me know if more details are wanted.