Details

      Description

      By sending a single HTTP request for a JSON service, the portal can be configured to use a remote Memcache that an attacker controls. This allows the attacker to read and/or manipulate any data that is stored in the database, essentially granting the attacker full control of the server.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                samuel.kong Samuel Kong
                Reporter:
                samuel.kong Samuel Kong
                Participants of an Issue:
                Recent user:
                Esther Sanz
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  5 years, 22 weeks ago