exploitDog

GHSA-226x-xgh7-2wwc

Опубликовано: 16 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 10

Описание

Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through 1.0.

Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through 1.0.

Ссылки

EPSS

Процентиль: 84%

0.02411

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2025-23922

CVSS3: 10

nvd

5 месяцев назад

Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through 1.0.

EPSS

Процентиль: 84%

0.02411

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-352