CVE-2022-28892

Опубликовано: 28 апр. 2022

Источник: debian

Описание

Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mahara	removed			package

Связанные уязвимости

CVE-2022-28892

CVSS3: 8.8

nvd

почти 4 года назад

Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.

GHSA-9v26-vwmp-p2jp

CVSS3: 8.8

github

почти 4 года назад

Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.