CSRF Vulnerability in PeteReport Version 0.5 Allows Unauthorized Deletion of Users, Products, Reports, and Findings

CSRF Vulnerability in PeteReport Version 0.5 Allows Unauthorized Deletion of Users, Products, Reports, and Findings

CVE-2022-23052 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

PeteReport Version 0.5 contains a Cross Site Request Forgery (CSRF) vulnerability allowing an attacker to trick users into deleting users, products, reports and findings on the application.

Learn more about our User Device Pen Test.