Intrusion Prevention



This indicates an attack attempt against a PHP Code Injection vulnerability in
Active Collab.
The vulnerability is caused by an error when the software handles a malicious "POST" request. It allows a remote attacker to execute arbitrary code via sending a crafted request.

Affected Products

Active Collab chat module 2.3.8 and prior


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version available from the website.

CVE References