CSRF Vulnerability in Mahara: Easily Guessable Randomly Generated Tokens
CVE-2022-28892 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.
Learn more about our Web Application Penetration Testing UK.