Vulnerabilities > Quadbase > Espressreport Enterprise Server > High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-24	CVE-2019-9958	Cross-Site Request Forgery (CSRF) vulnerability in Quadbase Espressreport Enterprise Server 7.0 CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin's session to process their requests. network low complexity quadbase CWE-352	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.