-
-
Save omriinbar/8277193731d0edf20ef71299f304ab93 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CVE-2021-41764 | |
Vulnerable Product Version: All version up to and including v1.10.3 | |
Vulnerability Type: Cross-Site Request Forgery (CWE-352) | |
Description: A Cross-site request forgery (CSRF) vulnerability exists in Streama up to and including v1.10.3. The application does not have CSRF checks in place when performing actions such as uploading local files. As a result, attackers could make a logged-in administrator upload arbitrary local files via a CSRF attack and send them to the attacker. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment