exploitDog

GHSA-84hw-6xxj-c8x4

Опубликовано: 27 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.

Ссылки

EPSS

Процентиль: 7%

0.00026

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2025-54598

CVSS3: 6.5

nvd

5 месяцев назад

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.

EPSS

Процентиль: 7%

0.00026

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352