← Back

Egov

egov

Vendor: Newgensoft • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-35737
1Newgensoft
1Egov
Nov 21, 2024
Dec 30, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
In Correspondence Management System (corms) in Newgen eGov 12.0, an attacker can modify other users' profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference.