Adobe Cross-Domain Send Misconfiguration

By Anandhu Krishnan
Published on 13 May 2024
Vulnerability

Description

A misconfigured Adobe Send server may allow malicious requests from other domains, potentially leading to cross-site request forgery attacks.

Recommendation

To mitigate this risk, configure the crossdomain.xml file to restrict allowed domains and headers. Only grant access to all domains if you have confirmed that your service is not vulnerable to CSRF attacks.


Written by Anandhu Krishnan, Lead Engineer