exploitDog

GHSA-3jpc-c4hr-jcph

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11.0 through 2.13.0 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors related to refusals.

Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11.0 through 2.13.0 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors related to refusals.

Ссылки

EPSS

Процентиль: 40%

0.00182

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2013-5993

nvd

около 12 лет назад

Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11.0 through 2.13.0 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors related to refusals.

EPSS

Процентиль: 40%

0.00182

Низкий

CVE ID

Дефекты

CWE-352