CVE-2021-41764
N/A
N/A
Summary
A cross-site request forgery (CSRF) vulnerability exists in Streama up to and including v1.10.3. The application does not have CSRF checks in place when performing actions such as uploading local files. As a result, attackers could make a logged-in administrator upload arbitrary local files via a CSRF attack and send them to the attacker.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/streamaserver/streama
- https://gist.github.com/omriinbar/3c741d309e5d0ede29dc7ecdad4eba3f
- https://gist.github.com/omriinbar/8277193731d0edf20ef71299f304ab93
References
- https://github.com/streamaserver/streama
- https://gist.github.com/omriinbar/3c741d309e5d0ede29dc7ecdad4eba3f
- https://gist.github.com/omriinbar/8277193731d0edf20ef71299f304ab93
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.