exploitDog

GHSA-22fj-xvpx-pqm9

Опубликовано: 29 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.1

Описание

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.

Ссылки

EPSS

Процентиль: 52%

0.00286

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-22

CWE-74

Связанные уязвимости

CVE-2023-7114

CVSS3: 7.1

nvd

около 2 лет назад

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server.

CVE-2023-7114

CVSS3: 7.1

debian

около 2 лет назад

Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths ...

EPSS

Процентиль: 52%

0.00286

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-22

CWE-74