CVE-2016-4504 in WEB'loginfo

Summary

A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

05/05/2016

Disclosure

03/21/2017

Entries

1

CPE

ready

CVSS

6.5

EPSS

0.00103

CTI

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2016-4504
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2016-4504
CVE Detailshttps://www.cvedetails.com/cve/CVE-2016-4504/

PreviousOverviewNext