Cross-Site Request Forgery in EPSON EPS TSE Server 8 by EPSON
CVE-2020-28931
8.8HIGH
What is CVE-2020-28931?
The EPSON EPS TSE Server 8 (version 21.0.11) is vulnerable to Cross-Site Request Forgery due to the absence of an anti-CSRF token in its entire administrative interface. This lack of validation allows an unauthenticated attacker to exploit the system by tricking an administrator into executing malicious POST requests simply by visiting a compromised website. Effective remediation measures should be prioritized to protect administrative actions from unauthorized execution.
