Cross site request forgery (csrf)

2021-04-1519:15:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.6%

JSON

An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.

CPENameOperatorVersion
centreoneq20.10.0

CPE	Name	Operator	Version
	centreon	eq	20.10.0

References

github.com/centreon/centreon/pull/9612