CSRF Vulnerability in Sharetronix Allows Unauthorized Administrative Privilege Escalation

CSRF Vulnerability in Sharetronix Allows Unauthorized Administrative Privilege Escalation

CVE-2014-3414 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in Sharetronix before 3.4 allows remote attackers to hijack the authentication of administrators for requests that add administrative privileges to a user via the admin parameter to admin/administrators.

Learn more about our User Device Pen Test.