Summary: An issue was discovered in Aviatrix Controller before 5.4.1204. An API call on the web interface lacked a session token check to control access, leading to CSRF.Published: Friday, May 22, 2020 - 21:15cvss: 5.0