CVE-2016-20035
EUVD-2016-1082516.03.2026, 14:17
Wowza Streaming Engine 4.5.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by crafting malicious web pages. Attackers can trick logged-in administrators into visiting a malicious site that submits POST requests to the user edit endpoint to create new admin accounts with arbitrary credentials.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| wowza | streaming_engine | 4.5.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration