Vulnerabilities > CVE-2016-8600 - 7PK - Security Features vulnerability in Dotcms 3.2.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
dotcms
CWE-254
NVD
Published: 2016-10-28
Updated: 2016-11-28

Summary

In dotCMS 3.2.1, attacker can load captcha once, fill it with correct value and then this correct value is ok for forms with captcha check later.

Vulnerable Configurations

Part Description Count
Application
Dotcms
1

Common Weakness Enumeration (CWE)

References