The following exploit code can be used to exploit this vulnerability:
The vulnerability is present in the 'actionMessage' parameter which includes json parameters(ContactCommon) in ConnectWise Manage version v2017.5.
The vulnerability was reported to Mitre on July 29, 2017, and was publicly disclosed on August 1, 2017.
The discovery of this vulnerability highlights the importance of regularly testing web applications for vulnerabilities and promptly applying necessary security patches to ensure the safety and security of sensitive data. Vulnerabilities such as CVE-2017-11727 can be exploited by attackers to perform various malicious activities and can have serious consequences for businesses and individuals alike.