exploitDog

GHSA-f7jg-4f6w-44wj

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

OTCMS v3.85 has CSRF in the admin/member_deal.php Admin Panel page, leading to creation of a new management group account, as demonstrated by superadmin.

OTCMS v3.85 has CSRF in the admin/member_deal.php Admin Panel page, leading to creation of a new management group account, as demonstrated by superadmin.

Ссылки

EPSS

Процентиль: 31%

0.00117

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2019-17369

CVSS3: 6.5

nvd

больше 6 лет назад

OTCMS v3.85 has CSRF in the admin/member_deal.php Admin Panel page, leading to creation of a new management group account, as demonstrated by superadmin.

EPSS

Процентиль: 31%

0.00117

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352