Vulnerability Details CVE-2021-27759
This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's browser to emit an HTTP request to an arbitrary URL in the application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.8%
CVSS Severity
CVSS v3 Score 2.3
CVSS v2 Score 4.3
References
Products affected by CVE-2021-27759
-
cpe:2.3:a:hcltech:bigfix_inventory:*