Vulnerabilities > Zend > Zendto > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-03-24 CVE-2020-8986 Improper Check for Unusual or Exceptional Conditions vulnerability in Zend Zendto
lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly check for equality when validating the session cookie, allowing an attacker to gain administrative access with a large number of requests.
network
low complexity
zend CWE-754
critical
9.8