High severity8.8NVD Advisory· Published Mar 21, 2017· Updated Jun 17, 2026
CVE-2016-4504
CVE-2016-4504
Description
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:meteocontrol:weblog:-:*:*:*:basic_100:*:*:*+ 4 more
- cpe:2.3:a:meteocontrol:weblog:-:*:*:*:basic_100:*:*:*
- cpe:2.3:a:meteocontrol:weblog:-:*:*:*:light:*:*:*
- cpe:2.3:a:meteocontrol:weblog:-:*:*:*:pro:*:*:*
- cpe:2.3:a:meteocontrol:weblog:-:*:*:*:pro_unlimited:*:*:*
- (no CPE)range: all versions
- Range: all versions
- Range: all versions
- Range: all versions
Patches
Vulnerability mechanics
References
1- ics-cert.us-cert.gov/advisories/ICSA-16-133-01nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.