← back
CVE-2017-20120

TrueConf Server cross-site request forgery

CVSS 4.3 MEDIUMEPSS 0.4%CWE-352
A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Affected products
TrueConf · Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://vuldb.com/?id.96634https://www.exploit-db.com/exploits/41184/