Описание
A Cross-Site Request Forgery (CSRF) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token implementation.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:xantech:wic1200_firmware:1.1:*:*:*:*:*:*:*
cpe:2.3:h:xantech:wic1200:-:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
4.6 Medium
CVSS3
8 High
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 4.6
github
около 2 лет назад
A Cross-Site Request Forgery (CSRF) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token implementation.
EPSS
Процентиль: 14%
0.00047
Низкий
4.6 Medium
CVSS3
8 High
CVSS3
Дефекты
CWE-352