CVE-2024-28141 Information

Description

The web application is not protected against cross-site request forgery attacks. Therefore an attacker can trick users into performing actions on the application when they visit an attacker-controlled website or click on a malicious link. E.g. an attacker can forge malicious links to reset the admin password or create new users.

Reference

https://r.sec-consult.com/imageaccess https://www.imageaccess.de/?page=SupportPortal&lang=en