CVE-2023-39446

Name of the Vulnerable Software and Affected Versions MODULYS GP (MOD3GP-SY-120K) (affected versions not specified)

Description The issue is related to weaknesses in the user management level of a web application, allowing an attacker to obtain necessary information from headers to create specially designed URLs and perform malicious actions when a legitimate user is logged in. This can be exploited by a remote attacker to execute arbitrary actions. The vulnerability is also associated with cross-site request forgery.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.