CVE-2021-35491

Posted on by admin

CVE-2021-35491

A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine through 4.8.11+5 allows a remote attacker to delete a user account via the /enginemanager/server/user/delete.htm userName parameter. The application does not implement a CSRF token for the GET request.

Source: CVE-2021-35491

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다