Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-78mr-78x2-c4q9

Опубликовано: 13 нояб. 2024
Источник: github
Github: Не прошло ревью
CVSS3: 4.7

Описание

SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request.

SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request.

Ссылки

EPSS

Процентиль: 36%
0.00152
Низкий

4.7 Medium

CVSS3

CVE ID

CVE-2021-27701

Дефекты

CWE-352

Связанные уязвимости

nvd логотип

CVE-2021-27701

CVSS3: 4.7
nvd
около 1 года назад

SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request.

EPSS

Процентиль: 36%
0.00152
Низкий

4.7 Medium

CVSS3

CVE ID

CVE-2021-27701

Дефекты

CWE-352