Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device.
9.6CVSS
7.4AI Score
0.0005EPSS
A successful CSRF attack could force the user to perform state changing requests on the application. If the victim is an administrative account, a CSRF attack could compromise the entire web application.
8.8CVSS
8.6AI Score
0.001EPSS