Remote Privilege Escalation via Man-in-the-Middle Attack in Misys FusionCapital Opics Plus

Remote Privilege Escalation via Man-in-the-Middle Attack in Misys FusionCapital Opics Plus

CVE-2016-5654 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter.

Learn more about our Api Penetration Testing.