OSWAPP Warehouse Inventory System edit_account.php cross-site request forgery

A vulnerability was found in OSWAPP Warehouse Inventory System 1.0/2.0. It has been classified as problematic. Affected is an unknown function of the file /edit_account.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273552.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

跨站请求伪造(CSRF)

Warehouse Inventory System 跨站请求伪造漏洞

Warehouse Inventory System是OSWAPP社区的一个仓库库存管理系统。 Warehouse Inventory System 1.0 版本和 2.0 版本存在跨站请求伪造漏洞，该漏洞源于 /edit_account.php 文件包含一个跨站请求伪造漏洞。

N/A

N/A