Cross site request forgery (csrf)

2019-05-1721:29:00

PRIOn knowledge base

www.prio-n.com

5.1 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.2%

JSON

GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request.

CPENameOperatorVersion
web_modulele1.30

CPE	Name	Operator	Version
	web_module	le	1.30

References

packetstormsecurity.com/files/152964/GAT-Ship-Web-Module-1.30-Information-Disclosure.html

seclists.org/fulldisclosure/2019/May/32

seclists.org/fulldisclosure/2019/May/29