| CVE ID : |
CVE-2019-13409 |
|
A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password. |
| CVE ID : |
CVE-2019-13410 |
|
TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page. |
Solution :
Update to the latest version |
