Описание
Prima Systems FlexAir devices allow Cross-Site Request Forgery (CSRF).
Prima Systems FlexAir devices allow Cross-Site Request Forgery (CSRF).
Связанные уязвимости
CVSS3: 8.8
nvd
больше 6 лет назад
Prima Systems FlexAir, Versions 2.3.38 and prior. An unauthenticated user can send unverified HTTP requests, which may allow the attacker to perform certain actions with administrative privileges if a logged-in user visits a malicious website.