CVE-2023-27295
- Reference to the description:
- Description:
- Cross-site request forgery is facilitated by OpenCATS failure to require CSRF tokens in POST requests. An attacker can exploit this issue by creating a dummy page that executes Javascript in an authenticated user's session when visited.
- Last updated date:
- 03/04/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 03/04/2023
- Reference url to background