CSRF Protection Bypass in SLiMS 8 Akasia 8.3.1

CSRF Protection Bypass in SLiMS 8 Akasia 8.3.1

CVE-2018-12659 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protection mechanism and obtain admin access by omitting the csrf_token parameter.

Learn more about our Web Application Penetration Testing UK.