writeups.xyz / Finding Multiple Security Issues on Agorapulse

Submitter : c2a

Date: 24 October 2022

Bounty : undisclosed

Vulnerabilities :

• Log4shell
• RCE
• Information Disclosure
• Broken Access Control
• Privilege Escalation

Programs :

• Agorapulse

Authors :

• Snap Sec (@Snap_sec)

Link :
https://snapsec.co/blog/Hacking-Agorapulse/