exploitDog

GHSA-c33m-7985-hj4w

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the theme, title, and description) via index.php.

An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the theme, title, and description) via index.php.

Ссылки

EPSS

Процентиль: 34%

0.00141

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2018-14958

CVSS3: 8.8

nvd

больше 7 лет назад

An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the theme, title, and description) via index.php.

EPSS

Процентиль: 34%

0.00141

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352