The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2022-11-08T00:00:00

Updated: 2024-08-03T06:56:13.567Z

Reserved: 2022-05-13T00:00:00

Link: CVE-2022-30694

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-11-08T11:15:10.413

Modified: 2024-11-21T07:03:11.067

Link: CVE-2022-30694

cve-icon Redhat

No data.