exploitDog

GHSA-frfp-ppfr-fx8v

Опубликовано: 14 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated user can add an admin account due to missing CSRF protection.

Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated user can add an admin account due to missing CSRF protection.

Ссылки

EPSS

Процентиль: 60%

0.00398

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2022-46074

CVSS3: 8.8

nvd

около 3 лет назад

Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated user can add an admin account due to missing CSRF protection.

EPSS

Процентиль: 60%

0.00398

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352