Cross-Site Request Forgery (CSRF)

Avenwu Whistle is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to insufficient validation of API requests, allowing attackers to perform malicious API calls that result in arbitrary code execution on the victim's machine...

CVE-2024-55500

Cross-Site Request Forgery CSRF in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine...