eRoom 6.x does not properly restrict files that can be attached, which allows remote attackers to execute arbitrary commands via a .lnk file.
CVSS Score
7.5
EPSS Score
0.009
Published
2005-07-11
eRoom does not set an expiration for Cookies, which allows remote attackers to capture cookies and conduct replay attacks.
CVSS Score
7.5
EPSS Score
0.006
Published
2005-07-11