A Cross-Site Request Forgery (CSRF) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token implementation.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-full-compass-systems-wic1200 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCIBE
Published: 2024-01-16T10:09:58.665Z
Updated: 2024-01-16T10:09:58.665Z
Reserved: 2024-01-15T08:35:59.922Z
Link: CVE-2024-0555
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-16T11:15:08.493
Modified: 2024-01-23T19:57:48.237
Link: CVE-2024-0555
JSON object: View
Redhat Information
No data.
CWE