Unisys Data Exchange Management Studio prior to 6.0.IC2 and 7.x prior to 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request forgery attack could occur.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
unisys data exchange management studio 7.0 |
||
unisys data exchange management studio 6.0.ic1 |