An issue exists in Selesta Visual Access Manager (VAM) 4.15.0 up to and including 4.29. It allows Cross-Site Request Forgery (CSRF) on any HTML form. An attacker can exploit the vulnerability to abuse functionalities such as change password, add user, add privilege, and so on.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
seling visual access manager |