GHSA-cjp8-vv38-p3g2

Опубликовано: 16 нояб. 2022

Источник: github

Github: Прошло ревью

CVSS3: 4.3

Описание

Cross-Site Request Forgery in feehi/feehicms

FeehiCMS vulnerable to Cross-Site Request Forgery. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely.

Ссылки

Пакеты

Наименование

feehi/feehicms

composer

Затронутые версииВерсия исправления

<= 2.0.1.1

Отсутствует

EPSS

Процентиль: 35%

0.00143

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2022-4014

Дефекты

CWE-352

Связанные уязвимости

CVE-2022-4014

CVSS3: 4.3

nvd

около 3 лет назад

A vulnerability, which was classified as problematic, has been found in FeehiCMS. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The identifier of this vulnerability is VDB-213788.

EPSS

Процентиль: 35%

0.00143

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2022-4014

Дефекты

CWE-352