Описание
Cross-site Scripting in kimai2
Cross site request forgery vulnerability is present in delete functionality of doctor feature. This vulnerability is capable of deleting system logs
Пакеты
Наименование
kevinpapst/kimai2
composer
Затронутые версииВерсия исправления
< 1.16
1.16
Связанные уязвимости
CVSS3: 4.3
nvd
около 4 лет назад
kimai2 is vulnerable to Cross-Site Request Forgery (CSRF)