tribalsystems/zenario is vulnerable to cross-site request forgery (CSRF). The application does not verify the authenticity of a request to admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent
, which allows an attacker to submit a request on behalf of the victim when the victim visits a malicious HTML page.
CPE | Name | Operator | Version |
---|---|---|---|
tribalsystems/zenario | eq | 8.3.47997 | |
tribalsystems/zenario | eq | 42085 | |
tribalsystems/zenario | eq | 8.3.47997 | |
tribalsystems/zenario | eq | 42085 |