exploitDog

GHSA-6fff-m75x-hprm

Опубликовано: 24 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 5.3

Описание

Legrand BTicino Driver Manager F454 1.0.51 contains multiple web vulnerabilities that allow attackers to perform administrative actions without proper request validation. Attackers can exploit cross-site request forgery to change passwords and inject stored cross-site scripting payloads through unvalidated GET parameters.

Legrand BTicino Driver Manager F454 1.0.51 contains multiple web vulnerabilities that allow attackers to perform administrative actions without proper request validation. Attackers can exploit cross-site request forgery to change passwords and inject stored cross-site scripting payloads through unvalidated GET parameters.

Ссылки

EPSS

Процентиль: 12%

0.00039

Низкий

5.1 Medium

CVSS4

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2019-25244

CVSS3: 5.3

nvd

около 2 месяцев назад

Legrand BTicino Driver Manager F454 1.0.51 contains multiple web vulnerabilities that allow attackers to perform administrative actions without proper request validation. Attackers can exploit cross-site request forgery to change passwords and inject stored cross-site scripting payloads through unvalidated GET parameters.

EPSS

Процентиль: 12%

0.00039

Низкий

5.1 Medium

CVSS4

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-79