CSRF Vulnerability in SyGuestBook A5 Version 1.2

CSRF Vulnerability in SyGuestBook A5 Version 1.2

CVE-2019-13949 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

SyGuestBook A5 Version 1.2 has no CSRF protection mechanism, as demonstrated by CSRF for an index.php?c=Administrator&a=update admin password change.

Learn more about our Web Application Penetration Testing UK.