A Cross-Site Request Forgery issue exists in OSIsoft PI Web API versions before 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
osisoft pi web api 1.8 |