We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
The web application is not protected against cross-site request forgery attacks. Therefore, an attacker can trick users into performing actions on the application when they visit an attacker-controlled website or click on a malicious link. E.g. an attacker can forge malicious links to reset the admin password or create new users.
Reserved 2024-03-05 | Published 2024-12-11 | Updated 2024-12-11 | Assigner SEC-VLabCWE-352 Cross-Site Request Forgery (CSRF)
Daniel Hirschberger (SEC Consult Vulnerability Lab)
Tobias Niemann (SEC Consult Vulnerability Lab)
r.sec-consult.com/imageaccess
www.imageaccess.de/?page=SupportPortal&lang=en
Support options