Cross-Site Request Forgery (CSRF) Vulnerability in GX Software XperienCentral Interactive Forms (IAF)

Cross-Site Request Forgery (CSRF) Vulnerability in GX Software XperienCentral Interactive Forms (IAF)

CVE-2022-43710 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields.

Learn more about our Web Application Penetration Testing UK.