ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability - CVE-2017-20101 - Vulnerability Database

ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability - CVE-2017-20101

Medium

Reference: CVE-2017-20101

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-20101

Title: ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability

Overview:

A vulnerability which was classified as problematic was found in ProjectSend r754. This affects an unknown part of the file process.phpdozip_download. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely.