An issue was discovered in Quadbase ExpressDashboard (EDAB) 7 Update 9. It allows CSRF. An attacker may be able to trick an authenticated user into changing the email address associated with their account.
CPE | Name | Operator | Version |
---|---|---|---|
espressdashboard | eq | 7.0 update9 |