Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.04077
Percentile:
0.8807
CVSS Scoring
CVSS v3.1 Score: 6.5
Severity: MEDIUM
Mapped CWE(s)
-
CWE-352
: Cross-Site Request Forgery (CSRF)
All CAPEC(s)
-
CAPEC-111: JSON Hijacking (aka JavaScript Hijacking)
-
CAPEC-462: Cross-Domain Search Timing
-
CAPEC-467: Cross Site Identification
-
CAPEC-62: Cross Site Request Forgery
CAPEC(s) with Mapped TTPs
Mapped ATT&CK TTPs
Affected Products
- cpe:2.3:a:fusetalk:fusetalk:2.0:-:*:*:*:*:*:*
← Back to Home