CVE-2021-31589

CVE-2021-31589

BeyondTrust Secure Remote Access Base Software through 6.0.1 allows an attacker to achieve full admin access to the appliance, by tricking the administrator into creating a new admin account through an XSS/CSRF attack involving a crafted request to the /appliance/users?action=edit endpoint. This cross-site-scripting (XSS) vulnerability occurs when it does not properly sanitize an unauthenticated crafted web request to the server

Source: CVE-2021-31589

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다