3 matches found
CVE-2018-8844
Philips e-Alert Unit (non‑medical device), Version R2.1 and prior, contains a Cross‑Site Request Forgery (CSRF) weakness in which the web application does not sufficiently verify that a user’s request is intentional. This CSRF issue could allow an attacker to perform unauthorized operations when ...
CVE-2018-8844
Philips e-Alert Unit non-medical device, Version R2.1 and prior. The web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request...
Philips e-Alert Unit
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/exploitable from within the same local subnet Vendor: Philips Equipment: Philips e-Alert Unit non-medical device Vulnerabilities: Improper Input Validation, Cross-site Scripting, Information Exposure,...