The application was vulnerable to Cross-Site Request Forgery (CSRF) attacks, allowing an attacker to coerce users into sending malicious requests to the site to delete their account, or in rare circumstances, hijack their account and create other admin accounts.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: TML
Published: 2022-10-31T20:06:41.873971Z
Updated: 2024-08-03T12:14:39.955Z
Reserved: 2022-09-08T00:00:00
Link: CVE-2022-40291
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-10-31T21:15:12.967
Modified: 2024-11-21T07:21:12.283
Link: CVE-2022-40291
Redhat
No data.