GHSA-hm9x-5qmp-g6fq

Published: 05 Nov 2024
Source: github
GitHub: Not reviewed
CVSS3: 8.4

Description

Cross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 that allows attackers to perform actions reserved for administrators, including creating admin accounts. This critical flaw can lead to unauthorized activities, compromising the security and integrity of the platform, especially if an attacker gains administrative control.

EPSS

Percentile: 22%
0.00074
Low

8.4 High

CVSS3

Weaknesses

CWE-352

Related vulnerabilities

CVSS3: 8.4
nvd
more than 1 year ago

Cross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 that allows attackers to perform actions reserved for administrators, including creating admin accounts. This critical flaw can lead to unauthorized activities, compromising the security and integrity of the platform, especially if an attacker gains administrative control.
