CVE-2022-38359

CVE-2022-38359

Cross-site request forgery attacks can be carried out against the Eyes of Network web application, due to an absence of adequate protections. An attacker can, for instance, delete the admin user by directing an authenticated user to the URL https://<target-address>/module/admin_user/index.php?DataTables_Table_0_length=10&user_selected%5B%5D=1&user_mgt_list=delete_user&action=submit by means of a crafted link.

Source: CVE-2022-38359

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다