exploitDog

GHSA-g5xq-3448-3grg

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site request forgery (CSRF) vulnerability in user/user-set.do in Pacific Timesheet 6.74 build 363 allows remote attackers to hijack the authentication of administrators for requests that create a new administrator via a new_admin action.

Cross-site request forgery (CSRF) vulnerability in user/user-set.do in Pacific Timesheet 6.74 build 363 allows remote attackers to hijack the authentication of administrators for requests that create a new administrator via a new_admin action.

Ссылки

EPSS

Процентиль: 32%

0.00122

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2010-2111

nvd

больше 15 лет назад

Cross-site request forgery (CSRF) vulnerability in user/user-set.do in Pacific Timesheet 6.74 build 363 allows remote attackers to hijack the authentication of administrators for requests that create a new administrator via a new_admin action.

EPSS

Процентиль: 32%

0.00122

Низкий

CVE ID

Дефекты

CWE-352