CVE-2023-32792

Name of the Vulnerable Software and Affected Versions NXLog Manager version 5.6.5633

Description The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. This is due to the absence of proper validation of the origin of incoming requests.

Recommendations For NXLog Manager version 5.6.5633, consider implementing proper validation of the origin of incoming requests to prevent CSRF attacks. As a temporary workaround, restrict access to sensitive role management functions until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.