Описание
SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request.
EPSS
Процентиль: 36%
0.00152
Низкий
4.7 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 4.7
github
около 1 года назад
SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request.
EPSS
Процентиль: 36%
0.00152
Низкий
4.7 Medium
CVSS3
Дефекты
CWE-352