Description
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
Remediation
References
Related Vulnerabilities
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2017-20101)
WordPress Plugin Drag & Drop File Uploader 'dnd-upload.php' Arbitrary File Upload (0.1)
WordPress Plugin Accept Donations with PayPal Cross-Site Request Forgery (1.3)
WordPress Plugin Breezing Forms Cross-Site Scripting (1.2.7.42)
WordPress Plugin Stop User Enumeration User Enumeration (1.3.4)