exploitDog

GHSA-7cfc-62qm-phmg

Опубликовано: 27 авг. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8

Описание

A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges.

A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges.

Ссылки

EPSS

Процентиль: 93%

0.09282

Низкий

8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2024-45264

CVSS3: 8.8

nvd

больше 1 года назад

A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges.

EPSS

Процентиль: 93%

0.09282

Низкий

8 High

CVSS3

CVE ID

Дефекты

CWE-352