exploitDog

GHSA-fccg-qv5q-xphc

Опубликовано: 05 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component

Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component

Ссылки

EPSS

Процентиль: 12%

0.00041

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2025-67315

CVSS3: 5.4

nvd

около 1 месяца назад

Cross Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component

EPSS

Процентиль: 12%

0.00041

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-352