exploitDog

GHSA-5r7q-mggf-pv6q

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Cross-site request forgery (CSRF) vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to hijack the authentication of arbitrary users.

Cross-site request forgery (CSRF) vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to hijack the authentication of arbitrary users.

Ссылки

EPSS

Процентиль: 20%

0.00064

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2016-0863

CVSS3: 8.8

nvd

почти 10 лет назад

Cross-site request forgery (CSRF) vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to hijack the authentication of arbitrary users.

EPSS

Процентиль: 20%

0.00064

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352