Vulnerabilities > Wowza > Streaming Engine > 4.8.8.01
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-05 | CVE-2021-35491 | Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine through 4.8.11+5 allows a remote attacker to delete a user account via the /enginemanager/server/user/delete.htm userName parameter. | 5.8 |
2021-10-05 | CVE-2021-35492 | Allocation of Resources Without Limits or Throttling vulnerability in Wowza Streaming Engine Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. | 4.0 |