Cross-Site Request Forgery vulnerability in Socomec Net...
High severity
Unreviewed
Published
May 7, 2024
to the GitHub Advisory Database
•
Updated May 7, 2024
Description
Published by the National Vulnerability Database
May 7, 2024
Published to the GitHub Advisory Database
May 7, 2024
Last updated
May 7, 2024
Cross-Site Request Forgery vulnerability in Socomec Net Vision, version 7.20. This vulnerability could allow an attacker to trick registered users into performing critical actions, such as adding and updating accounts, due to lack of proper sanitisation of the ‘set_param.cgi’ file.
References