Back to CVE List

CVE-2018-25127

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
5.3 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Vulnerability Description

SOCA Access Control System 180612 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that submit forged requests to create admin accounts by tricking logged-in users into visiting a malicious site.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-352
Source
NVD

External References

Discussion (0)

Add Comment

No comments yet. Be the first!