Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's browser to emit an HTTP request to an arbitrary URL in the application.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
HCL Technologies BigFix Platform 数据伪造问题漏洞
Vulnerability Description
HCL Technologies HCL BigFix Platform是印度HCL Technologies公司的一套端点安全管理平台。该平台支持自动发现、管理和修复端点安全问题。 HCL Technologies BigFix Platform 存在数据伪造问题漏洞,该漏洞源于应用程序允许用户执行某些敏感操作,而无需验证请求是否是有意发送的。攻击者利用该漏洞可以使受害者的浏览器向应用程序中的任意URL发出HTTP请求。
CVSS Information
N/A
Vulnerability Type
N/A