Description
Leantime allows Cross-Site Request Forgery (CSRF)
CSRF
Summary
A cross-site request forgery vulnerability allows a remote actor to create an account with Owner privileges. When an Owner or Administrator is lured into clicking a button on an attacker-controlled website, a request is issued that creates an account with the attacker's information and a role of the attacker's choosing.
Impact
While the likelihood of a successful exploit is low, the impact would be high as the attacker could then gain complete control over the victim's environment.
Packages
Name: leantime/leantime (composer)
Affected versions: < 3.1.2
Fixed version: 3.1.2
5.9 Medium
CVSS4
Weaknesses
CWE-352