exploitDog

GHSA-cjp4-p28m-9gvx

Опубликовано: 30 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.

perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.

Ссылки

EPSS

Процентиль: 87%

0.03371

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2022-41413

CVSS3: 4.3

nvd

около 3 лет назад

perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.

EPSS

Процентиль: 87%

0.03371

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352