
3 Vulnerabilities - XSS -> SSRF, HTML Injection, CSRF

Moderate
marcelfolaron published GHSA-92xh-6x7v-4rmq Feb 18, 2025

Package

No package listed

Affected versions

3.0.6

Patched versions

3.1.2

Description

CSRF

Summary

A cross-site request forgery vulnerability allows a remote actor to create an account with Owner privileges. If an Owner or Administrator is lured into clicking a button on an attacker-controlled website, the victim's browser issues a request that creates an account with the attacker's information and a role of the attacker's choosing.

Impact

While the likelihood of a successful exploit is low, the impact would be high as the attacker could then gain complete control over the victim's environment.
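
The server-side check that closes this class of bug on an account-creation endpoint, as an added example that is not the project's own code. The request dictionary layout, the origin `https://pm.example.test`, the role names and every function name are assumptions made for illustration, and the sample requests are constructed.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)        # constructed per-deployment secret
TRUSTED_ORIGIN = "https://pm.example.test"  # hypothetical origin of the application
PRIVILEGED_ROLES = {"owner", "admin"}       # roles allowed to create accounts


def issue_csrf_token(session_id: str) -> str:
    """Token bound to one session, embedded only in the application's own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def may_create_user(request: dict) -> tuple:
    """Return (allowed, reason) for a state-changing user-creation POST."""
    session = request.get("session")
    if not session or session.get("role") not in PRIVILEGED_ROLES:
        return False, "caller is not an Owner or Administrator"
    # A form submitted from another site carries that site's Origin header.
    if request.get("headers", {}).get("Origin") != TRUSTED_ORIGIN:
        return False, "cross-origin request"
    # The session cookie is sent automatically, so it proves nothing about intent;
    # the token must also match the one issued for this session.
    expected = issue_csrf_token(session["id"])
    supplied = request.get("form", {}).get("csrf_token", "")
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "missing or invalid CSRF token"
    return True, "ok"


def sample_requests() -> dict:
    """Constructed requests: all ride on the same logged-in Owner session."""
    owner = {"id": "sess-owner-1", "role": "owner"}
    form = {"email": "new.user@example.test", "role": "owner"}
    return {
        "own_form": {"session": owner, "headers": {"Origin": TRUSTED_ORIGIN},
                     "form": {**form, "csrf_token": issue_csrf_token(owner["id"])}},
        "cross_site": {"session": owner, "form": dict(form),
                       "headers": {"Origin": "https://other.example.test"}},
        "wrong_token": {"session": owner, "headers": {"Origin": TRUSTED_ORIGIN},
                        "form": {**form, "csrf_token": issue_csrf_token("sess-other")}},
    }


if __name__ == "__main__":
    for name, req in sample_requests().items():
        print(name, may_create_user(req))
```

All three sample requests carry a valid Owner session, which is exactly why the session alone cannot authorize the action: only the request that also presents the session-bound token from the trusted origin is accepted.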

Severity

Moderate

CVE ID

No known CVE

Weaknesses

No CWEs

Credits