ITFlow Cross Site Request Forgery

CVE: CVE-2024-25344 CWE: CWE-352 Vendor: ITFlow.org Affected product: ITFlow - Before commit 432488eca3998c5be6b6b9e8f8ba01f54bc12378 Discoverer: stehled, WP-Pomoc.cz Attack-Type: Remote AV: Admin user has to open a page, provided by an attacker, which will then perform malicious request changing...