RSS   Vulnerabilities for
'Espressreport enterprise server'
   RSS

2019-06-24
 
CVE-2019-9958

CWE-352
 

 
CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin's session to process their requests.

 

 >>> Vendor: Quadbase 4 Products
Espressreport es
Espressreport enterprise server
Espressreports es
Expressdashboard


Copyright 2024, cxsecurity.com

 

Back to Top