Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20").

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.00409
Percentile: 0.6043

CVSS Scoring

Affected Products

• cpe:2.3:a:mercur:mercur_messaging:2005_sp2:*:*:*:*:*:*:*

← Back to Home