Описание
Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields.
Ссылки
- Product
- Vendor Advisory
- Product
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.31.0 (включая) до 10.33.0 (включая)
cpe:2.3:a:gxsoftware:xperiencentral:*:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00141
Низкий
8.8 High
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.8
github
больше 2 лет назад
Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields.
EPSS
Процентиль: 35%
0.00141
Низкий
8.8 High
CVSS3
Дефекты
CWE-352