Описание
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote attackers to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:h:snom:320_sip_phone:*:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00308
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
почти 4 года назад
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote attackers to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence.
EPSS
Процентиль: 54%
0.00308
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-352