MyT Project Management 1.5.1 CSRF

    Disclosure date:  8/19/19

    CVE-2019-15496

    MyT Project Management 1.5.1 and possibly before are affected by a Cross Site Request Forgery vulnerability due to a lack of CSRF protection.  This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.


    Viewing Users:





    Malicious page:





    Upon phishing the administrator:





    © 2020 sevenlayers.com