3 matches found
CVE-2022-29468
A cross-site request forgery CSRF vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability...
CVE-2022-29468
CVE-2022-29468 affects WWBN AVideo 11.6 and the dev master commit 3f7c0364. Talos confirms a CSRF vulnerability with no protection across the app, enabling privilege escalation when an authenticated user is tricked into submitting a crafted request (e.g., password change). Affected versions inclu...
WWBN AVideo all cross-site request forgery (csrf) vulnerability
Talos Vulnerability Report TALOS-2022-1534 WWBN AVideo all cross-site request forgery csrf vulnerability August 16, 2022 CVE Number CVE-2022-29468 SUMMARY A cross-site request forgery CSRF vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request ca...