Arbitrary Administrator Account Addition Vulnerability in nbnbk's Add Administrator Function
CVE-2022-46491 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
A Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function of the default version of nbnbk allows attackers to arbitrarily add Administrator accounts.
Learn more about our Web Application Penetration Testing UK.