WEB Agentejo Cockpit Auth.php resetpassword function NoSQL injection (CVE-2020-35847)

Rule ID

1236530

Severity

Critical

Description

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function.

Impact

Policy bypass

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2020-35847

msf

T1082

Keywords

N/A

Date Created

2025/04/09

Last Updated

2025/06/05

This website uses cookies to ensure you get the best experience on our website.

Learn more