High severity8.8NVD Advisory· Published Mar 21, 2017· Updated May 13, 2026

CVE-2016-4504

Description

A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function.

Affected products

Chatwoot/Meteocontrol Web'logv5
Range: Meteocontrol WEB'log

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ics-cert.us-cert.gov/advisories/ICSA-16-133-01nvdThird Party AdvisoryUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000