Описание
Web2py Cross-Site Request Forgery vulnerability
Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Request Forgery) vulnerability, which allows an attacker to trick a logged-in administrator into performing unwanted actions i.e An attacker can trick a victim into disable the installed application just by visiting a URL.
Пакеты
Наименование
web2py
pip
Затронутые версииВерсия исправления
<= 2.14.5
2.14.6
Связанные уязвимости
CVSS3: 8.8
nvd
около 9 лет назад
Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Request Forgery) vulnerability, which allows an attacker to trick a logged in user to perform some unwanted actions i.e An attacker can trick an victim to disable the installed application just by sending a URL to victim.
CVSS3: 8.8
debian
около 9 лет назад
Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Requ ...