What the vulnerability does
01Description
Missing Authorization vulnerability in czater Czater.pl – live chat i telefon czater allows Cross Site Request Forgery.This issue affects Czater.pl – live chat i telefon: from n/a through <= 1.0.5.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
What the vulnerability does
Missing Authorization vulnerability in czater Czater.pl – live chat i telefon czater allows Cross Site Request Forgery.This issue affects Czater.pl – live chat i telefon: from n/a through <= 1.0.5.
Explanation of Vulnerability in Simple Terms
Czater.pl live chat lacks proper authorization checks, allowing an unauthenticated attacker to access or modify sensitive functionality by visiting a malicious link. The attacker needs the victim to click the link. This affects versions up to 1.0.5 and can leak data or alter site content.
What an attacker can do
Access or modify sensitive features without authentication by tricking a user into clicking a link.
Potential impact on your site
Unauthorized users can read or change chat data and settings if a visitor clicks a malicious link.
Conditions required to exploit
Victim must click an attacker-supplied link; no authentication required from the attacker.
Key dates
External resources