| عنوان | SCADA-LTS Project Scada-LTS <=1cfaed4b35117e4871bc3dfeae073f61d8e3bb3d Cross-Site Request Forgery (CSRF) |
|---|
| الوصف | Spring Security's CSRF protection for all web contexts. Any attacker-controlled site can trigger authenticated browsers to execute state-changing REST requests (e.g., /api/watch-lists), resulting in unauthorized modifications performed under the victim account. |
|---|
| المصدر | ⚠️ https://github.com/Xzzz111/exps/blob/main/archives/Scada-LTS-CSRF-1/report.md |
|---|
| المستخدم | sh7err02 (UID 92378) |
|---|
| ارسال | 07/11/2025 08:29 AM (8 أشهر منذ) |
|---|
| الاعتدال | 29/11/2025 09:33 PM (23 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 333794 [Scada-LTS حتى 2.7.8.1 تزوير طلبات عبر المواقع] |
|---|
| النقاط | 17 |
|---|