CVE-2020-6844

HIGH

TopManage OLK Webstore - CSRF

Title source: rule

Description

In TopManage OLK 2020, login CSRF can be chained with another vulnerability to take over admin and user accounts.

Exploits (1)

exploitdb WORKING POC
by Joel Aviad Ossi · text · webapps · asp
https://www.exploit-db.com/exploits/47960

Scores

CVSS v3 8.8
EPSS 0.0022
EPSS Percentile 44.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (1)
topmanage/olk_webstore 2020
Published Feb 18, 2020
Tracked Since Feb 18, 2026