CSRF Vulnerability in Helmet Store Showroom 1.0 Allows Unauthorized Admin Account Addition

CSRF Vulnerability in Helmet Store Showroom 1.0 Allows Unauthorized Admin Account Addition

CVE-2022-46074 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated user can add an admin account due to missing CSRF protection.

Learn more about our User Device Pen Test.