Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields.
History

Wed, 23 Oct 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-07-26T00:00:00

Updated: 2024-10-23T19:19:51.879Z

Reserved: 2022-10-24T00:00:00

Link: CVE-2022-43710

cve-icon Vulnrichment

Updated: 2024-08-03T13:40:06.286Z

cve-icon NVD

Status : Modified

Published: 2023-07-26T14:15:09.767

Modified: 2024-11-21T07:27:06.440

Link: CVE-2022-43710

cve-icon Redhat

No data.