PT-2018-12189 · Abbyy · Abbyy Flexicapture

Published

2018-07-09

Updated

2018-09-07

CVE-2018-13793

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ABBYY FlexiCapture versions prior to 12 Release 1 Update 7

Description The issue concerns multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API. These vulnerabilities exist in various components, including Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.

Recommendations For versions prior to 12 Release 1 Update 7, update to version 12 Release 1 Update 7 or later to resolve the issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2018-13793

Affected Products

Abbyy Flexicapture

PT-2018-12189 · Abbyy · Abbyy Flexicapture

CVE-2018-13793

Weakness Enumeration

Related Identifiers

Affected Products

References · 3