Wowza Streaming Engine 4.8.0 and previous versions suffers from multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as adding another admin user via enginemanager/server/user/edit.htm in the Server->Users component. This issue was resolved in Wowza Streaming Engine 4.8.5.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wowza streaming engine |