CVE-2021-4461 | Seeyon Zhiyuan OA Web Application System up to 7.0 SP1 thirdpartyController.do enc missing authentication

A vulnerability, which was classified as critical, was found in Seeyon Zhiyuan OA Web Application System up to 7.0 SP1. Affected by this issue is some unknown functionality of the file thirdpartyController.do. The manipulation of the argument enc results in missing authentication.

This vulnerability was named CVE-2021-4461. The attack may be performed from remote. In addition, an exploit is available.VulDB Recent EntriesRead More