CSRF Vulnerability in Quadbase EspressReports ES 7 Update 9 Allows Unauthorized File Upload
CVE-2020-24984 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An issue was discovered in Quadbase EspressReports ES 7 Update 9. It allows CSRF, whereby an attacker may be able to trick an authenticated admin level user into uploading malicious files to the web server.
Learn more about our Web App Pen Testing.