exploitDog

GHSA-h49x-w352-2625

Опубликовано: 13 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily change the password of any account.

RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily change the password of any account.

Ссылки

EPSS

Процентиль: 30%

0.00111

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2022-41474

CVSS3: 6.5

nvd

больше 3 лет назад

RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily change the password of any account.

EPSS

Процентиль: 30%

0.00111

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352