Vulnerabilities > Rockwellautomation > Enhanced HIM > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-11 | CVE-2023-2746 | Cross-Site Request Forgery (CSRF) vulnerability in Rockwellautomation Enhanced HIM 1.001 The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing (CORS) settings and, as a result, is vulnerable to a Cross Site Request Forgery (CSRF) attack. | 9.6 |