CVE-ID: CVE-2022-35613
Konker Platform is an open-source platform for the Internet of Things (IoT). Versions 2.3.9 and below are vulnerable to cross-site request forgery (CSRF) attacks. CSRF protection is disabled: http.csrf().disable()

URL: https://github.com/KonkerLabs/konker-platform/blob/007a3eebb45a0d29581abd84322b799bc4c542d1/konker.registry.data.core/src/main/java/com/konkerlabs/platform/registry/data/core/config/SecurityConfig.java#L87

References: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
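
The disabled setting named above beside a corrected configuration, as an added example that is not Konker's code or its fix. It assumes a Spring Security 4.x/5.x application built on WebSecurityConfigurerAdapter; the class name ExampleSecurityConfig and the access rules are hypothetical.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

// Hypothetical configuration class for illustration; not Konker's SecurityConfig.
@Configuration
@EnableWebSecurity
public class ExampleSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Weak setting from the advisory (kept here only as a comment):
        //
        //     http.csrf().disable();
        //
        // With it, Spring Security's CsrfFilter is removed from the filter
        // chain, so state-changing requests (POST, PUT, PATCH, DELETE) that
        // carry the user's session cookie are accepted without a CSRF token.

        http
            // Assumed access rules: every request needs an authenticated session.
            .authorizeRequests()
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .and()
            // Corrected setting: CSRF protection stays enabled (the Spring
            // Security default). The token is issued in the XSRF-TOKEN cookie
            // and must be echoed back in the X-XSRF-TOKEN header or the _csrf
            // request parameter. withHttpOnlyFalse() lets same-origin
            // JavaScript read the cookie so a single-page front end can set
            // the header; a cross-site page cannot read it.
            .csrf()
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
    }
}
```

With this configuration a state-changing request that lacks a matching token is rejected with HTTP 403 before it reaches the controller, which is a quick way to check that the protection is active.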