5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.4%
Cross-site request forgery is facilitated by OpenCATS failure to require CSRF tokens in POST requests. An attacker can exploit this issue by creating a dummy page that executes Javascript in an authenticated user’s session when visited.
www.tenable.com/security/research/tra-2023-8