Rainworx Auctionworx < 3.1R2 is vulnerable to a Cross-Site Request Forgery (CSRF) attack that allows an authenticated user to upgrade his account to admin and gain access to the auctionworx admin control panel. This vulnerability affects AuctionWorx Enterprise and AuctionWorx: Events Edition.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-05-02T10:30:29
Updated: 2024-08-03T03:59:22.512Z
Reserved: 2022-01-24T00:00:00
Link: CVE-2022-23904
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-05-02T12:16:26.557
Modified: 2024-11-21T06:49:26.327
Link: CVE-2022-23904
Redhat
No data.