CVE-2020-14982
N/A
N/A
Summary
A Blind SQL Injection vulnerability in Kronos WebTA 3.8.x and later before 4.0 (affecting the com.threeis.webta.H352premPayRequest servlet's SortBy parameter) allows an attacker with the Employee, Supervisor, or Timekeeper role to read sensitive data from the database.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.mindpointgroup.com/articles/
- https://www.mindpointgroup.com/blog/webta-sqli-vulnerability/
References
- https://www.mindpointgroup.com/articles/
- https://www.mindpointgroup.com/blog/webta-sqli-vulnerability/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.