Wisecp
Monthly
Cross-site request forgery in Sitemio Information Technologies' WISECP product through version 20022026 allows attackers to trick authenticated users into performing unintended state-changing actions by visiting a malicious page. Successful exploitation carries high impact across confidentiality, integrity, and availability (CVSS 8.0), though it requires user interaction and the victim to hold valid low-privilege credentials. No public exploit identified at time of analysis, and the vendor did not respond to disclosure outreach by TR-CERT.
Cross-site request forgery in Sitemio Information Technologies' WISECP product through version 20022026 allows attackers to trick authenticated users into performing unintended state-changing actions by visiting a malicious page. Successful exploitation carries high impact across confidentiality, integrity, and availability (CVSS 8.0), though it requires user interaction and the victim to hold valid low-privilege credentials. No public exploit identified at time of analysis, and the vendor did not respond to disclosure outreach by TR-CERT.