exploitDog

GHSA-cvq2-wv4h-23w5

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.

A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.

Ссылки

EPSS

Процентиль: 37%

0.00155

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2017-7926

CVSS3: 8.8

nvd

больше 8 лет назад

A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.

EPSS

Процентиль: 37%

0.00155

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352