Cross site request forgery (csrf)

A CSRF issue in manager/deletemachine/id in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database...

CVE-2020-15882

CVE-2020-15882 is a CSRF vulnerability in MunkiReport’s manager/delete_machine/{id} endpoint, prior to version 5.6.3. The flaw enables an attacker to delete arbitrary machines from the MunkiReport database by exploiting lack of CSRF protection. Affected product/version: MunkiReport before 5.6.3. ...