exploitDog

GHSA-6f9h-ghqc-cxvm

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.

CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.

Ссылки

EPSS

Процентиль: 48%

0.00245

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2018-14029

CVSS3: 8.8

nvd

больше 7 лет назад

CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.

EPSS

Процентиль: 48%

0.00245

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352