CVE-2018-10232

MEDIUM

TOPdesk < 8.05.017 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to hijack the authentication of authenticated users for requests that can obtain sensitive information via unspecified vectors.

References (1)

Core 1

Scores

CVSS v3 6.5
EPSS 0.0058
EPSS Percentile 43.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE
CWE-352
Status published
Products (2)
topdesk/topdesk 5.7 (9 CPE variants)
topdesk/topdesk 8.05.001 - 8.05.017
Published Jul 11, 2018
Tracked Since Feb 18, 2026