Cross Site Request Forgery (CSRF) Vulnerability in CloverDX Server Console Allows Remote Code Execution
CVE-2021-29995 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
A Cross Site Request Forgery (CSRF) issue in Server Console in CloverDX through 5.9.0 allows remote attackers to execute any action as the logged-in user (including script execution). The issue is resolved in CloverDX 5.10, CloverDX 5.9.1, CloverDX 5.8.2, and CloverDX 5.7.1.
Learn more about our Cis Benchmark Audit For Server Software.