exploitDog

GHSA-46c8-qfh8-7cvf

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.

Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.

Ссылки

EPSS

Процентиль: 39%

0.00172

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2009-2005

nvd

больше 16 лет назад

Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.

EPSS

Процентиль: 39%

0.00172

Низкий

CVE ID

Дефекты

CWE-352