PT-2013-5989 · Tyler Technologies · Taxweb

Published

2013-10-28

Updated

2013-11-21

CVE-2013-6285

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Tyler Technologies TaxWeb version 3.13.3.1

Description The issue in the Treasurer application's search component allows remote attackers to obtain sensitive query-structure information by sending an invalid search request.

Recommendations For Tyler Technologies TaxWeb version 3.13.3.1, update to a version that fixes this issue, as the current version allows attackers to gain sensitive information through the search component.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2013-6285

Affected Products

Taxweb

PT-2013-5989 · Tyler Technologies · Taxweb

CVE-2013-6285

Weakness Enumeration

Related Identifiers

Affected Products

References · 2