Описание
CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page.
Ссылки
- ExploitThird Party Advisory
- ExploitMailing ListThird Party Advisory
- ExploitThird Party Advisory
- ExploitMailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cyberpowersystems:powerpanel:3.4.0:*:*:*:business:*:*:*
EPSS
Процентиль: 55%
0.0033
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page.
EPSS
Процентиль: 55%
0.0033
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352