7.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.5%
Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.
seclists.org/bugtraq/2017/Sep/19
seclists.org/fulldisclosure/2017/Sep/38