CVE-2022-38359

Cross-site request forgery attacks can be carried out against the Eyes of Network web application, due to an absence of adequate protections. An attacker can, for instance, delete the admin user by directing an authenticated user to the URL https:///module/admin_user/index.php?DataTables_Table_0_length=10&user_selected%5B%5D=1&user_mgt_list=delete_user&action=submit by means of a crafted link.
References
Link Resource
https://www.tenable.com/security/research/tra-2022-29 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:eyeofnetwork:eyes_of_network_web:5.3:*:*:*:*:*:*:*

Information

Published : 2022-08-15 11:15

Updated : 2022-08-17 01:49


NVD link : CVE-2022-38359

Mitre link : CVE-2022-38359

Products Affected
No products.
CWE