Cross-site request forgery (CSRF) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure

Posted by Jack Misiura via Fulldisclosure on Dec 11

Title: Cross-site request forgery (CSRF)

Product: OpenAsset Digital Asset Management by OpenAsset

Vendor Homepage: https://www.openasset.com/

Vulnerable Version: 12.0.19 (Cloud) 11.2.1 (On-premise)

Fixed Version: 12.0.26 (Cloud) 11.4.10 (On-premise)

CVE Number: CVE-2020-28858

Author: Jack Misiura from The Missing Link

Website: https://www.themissinglink.com.au

Timeline:

2020-11-14 Disclosed to Vendor

2020-12-04 Vendor releases final…
