CVE-2019-9958
CVE-2019-9958 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin's session to process their requests.
Learn more about our Web App Pen Testing.