Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Web-School ERP V 5.0 contains a cross-site request forgery (CSRF) vulnerability that allows a remote attacker to create a student_leave_application request through module/core/studentleaveapplication/create. The application fails to validate the CSRF token for a POST request using Guardian privilege.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Web-School ERP 跨站请求伪造漏洞
Vulnerability Description
Web-School ERP 是印度Web-School公司的一个应用系统。一个ERP应用系统。 Web-School ERP V 5.0 存在跨站请求伪造漏洞,攻击者可利用该漏洞可以通过模块核心studentleaveapplication create创建学生请假请求。
CVSS Information
N/A
Vulnerability Type
N/A