← Voltar para CVEs
CVE-2019-13071
N/ADescricao
CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado7/10/2019
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
cyberpowersystems:powerpanel
Fraquezas (CWE)
CWE-352
Referencias
http://packetstormsecurity.com/files/153581/PowerPanel-Business-Edition-3.4.0-Cross-Site-Request-Forgery.html(cve@mitre.org)
http://seclists.org/fulldisclosure/2019/Jul/11(cve@mitre.org)
http://packetstormsecurity.com/files/153581/PowerPanel-Business-Edition-3.4.0-Cross-Site-Request-Forgery.html(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2019/Jul/11(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.