exploitDog

GHSA-3gv3-3m2j-wpx7

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBusiness before and including 4.4.1 allows arbitrary file upload.

A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBusiness before and including 4.4.1 allows arbitrary file upload.

Ссылки

EPSS

Процентиль: 40%

0.00177

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2019-18206

CVSS3: 8.8

nvd

около 6 лет назад

A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBusiness before and including 4.4.1 allows arbitrary file upload.

EPSS

Процентиль: 40%

0.00177

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352