CVE-2020-36918

Name of the Vulnerable Software and Affected Versions iDS6 DSSPro Digital Signage System version 6.2

Description Cross-site request forgery occurs due to a lack of request validation, allowing attackers to perform administrative actions. By crafting malicious web pages, attackers can trick authenticated administrators into adding unauthorized users.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.