1 results (0.001 seconds)
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 1
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13658
https://notcve.org/view.php?id=CVE-2020-13658
In Lansweeper 8.0.130.17, the web console is vulnerable to a CSRF attack that would allow a low-level Lansweeper user to elevate their privileges within the application. En Lansweeper versión 8.0.130.17, la consola web es vulnerable a un ataque de tipo CSRF que permitiría a un usuario de Lansweeper de bajo nivel escalar sus privilegios dentro de la aplicación • https://research.nccgroup.com/2020/09/25/technical-advisory-lansweeper-privilege-escalation-via-csrf-using-http-method-interchange https://www.nccgroup.com/us/our-research/?research=Technical+advisories • CWE-352: Cross-Site Request Forgery (CSRF) •