Cross site request forgery (csrf)

daloRADIUS is an open source RADIUS web management application. daloRadius 1.3 and prior are vulnerable to a combination cross site scripting XSS and cross site request forgery CSRF vulnerability which leads to account takeover in the mng-del.php file because of an unescaped variable reflected in...

PT-2022-16016 · Unknown · Daloradius

Name of the Vulnerable Software and Affected Versions: daloRADIUS versions 1.3 and prior Description: daloRADIUS is an open source RADIUS web management application. It is vulnerable to a combination of cross site scripting XSS and cross site request forgery CSRF vulnerabilities, which can lead t...