CVE-2021-28055

Cross-Site Request Forgery (CSRF) in packagist/centreon/centreon

Identifier

CVE-2021-28055

Package Slug

packagist/centreon/centreon

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

An issue was discovered in Centreon-Web in Centreon Platform The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.

Affected Versions

Version 20.10.0

Solution

Upgrade to version 20.10.1 or above.

Last Modified

2021-05-06

source