CVE-2019-9958

CVE-2019-9958 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin's session to process their requests.

Learn more about our Web App Pen Testing.