GHSA-4284-x26r-4hhc

Опубликовано: 26 фев. 2022

Источник: github

Github: Прошло ревью

CVSS3: 8.8

Описание

Cross Site Request Forgery in Apache JSPWiki

Apache JSPWiki user preferences form is vulnerable to CSRF attacks, which can lead to account takeover. Apache JSPWiki users should upgrade to 2.11.2 or later.

Ссылки

Пакеты

Наименование

org.apache.jspwiki:jspwiki-main

maven

Затронутые версииВерсия исправления

< 2.11.2

2.11.2

EPSS

Процентиль: 83%

0.01846

Низкий

8.8 High

CVSS3

CVE ID

CVE-2022-24947

Дефекты

CWE-352

Связанные уязвимости

CVE-2022-24947

CVSS3: 8.8

ubuntu

почти 4 года назад

Apache JSPWiki user preferences form is vulnerable to CSRF attacks, which can lead to account takeover. Apache JSPWiki users should upgrade to 2.11.2 or later.

CVE-2022-24947

CVSS3: 8.8

nvd

почти 4 года назад

Apache JSPWiki user preferences form is vulnerable to CSRF attacks, which can lead to account takeover. Apache JSPWiki users should upgrade to 2.11.2 or later.

CVE-2022-24947

CVSS3: 8.8

debian

почти 4 года назад

Apache JSPWiki user preferences form is vulnerable to CSRF attacks, wh ...

EPSS

Процентиль: 83%

0.01846

Низкий

8.8 High

CVSS3

CVE ID

CVE-2022-24947

Дефекты

CWE-352