CSRF Vulnerability in NXLog Manager 5.6.5633: Unauthorized User Account Manipulation and Deletion

CSRF Vulnerability in NXLog Manager 5.6.5633: Unauthorized User Account Manipulation and Deletion

CVE-2023-32791 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted query to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests.

Learn more about our Cis Benchmark Audit For Server Software.