IDCVSSSummaryLast (major) updatePublished
CVE-2019-18626 4.0
Harris Ormed Self Service before 2019.1.4 allows an authenticated user to view W-2 forms belonging to other users via an arbitrary empNo value to the ORMEDMIS/Data/PY/T4W2Service.svc/RetrieveW2EntriesForEmployee URI, thus exposing sensitive informati
30-03-2020 - 16:38 25-03-2020 - 18:15
Back to Top Mark selected
Back to Top