PT-2020-12192 · Webuntis · Webuntis
Published
2020-03-13
·
Updated
2020-03-18
·
CVE-2020-10540
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WebUntis versions prior to 2020.9.6
Description
The issue allows for CSRF (Cross-Site Request Forgery) attacks under specific conditions related to user rights and module configurations.
Recommendations
For versions prior to 2020.9.6, update to version 2020.9.6 or later to resolve the issue.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Webuntis