CSRF Vulnerability in Chyrp Lite Version 2016.04 Allows Account Hijacking

CSRF Vulnerability in Chyrp Lite Version 2016.04 Allows Account Hijacking

CVE-2017-1000008 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing attackers to hijack the authentication of logged in users to modify account information, including their password.

Learn more about our User Device Pen Test.