CVE-2019-16059

Publication date

2019-09-06 18:02:36

Family

mitre

State

PUBLISHED

Description

Sentrifugo 3.2 lacks CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code at index.php/dashboard/viewprofile via a crafted HTML page.