exploitDog

GHSA-5j5f-mr3p-j7cr

Опубликовано: 31 июл. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.6

Описание

A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrative privileges by luring authenticated victims into visiting a malicious web page.

A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrative privileges by luring authenticated victims into visiting a malicious web page.

Ссылки

EPSS

Процентиль: 80%

0.01324

Низкий

6.6 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2024-3083

CVSS3: 8.3

nvd

больше 1 года назад

A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrative privileges by luring authenticated victims into visiting a malicious web page.

EPSS

Процентиль: 80%

0.01324

Низкий

6.6 Medium

CVSS3

CVE ID

Дефекты

CWE-352