exploitDog

GHSA-j8xw-g4x6-3hq4

Опубликовано: 17 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 4.3

Описание

Cross-site request forgery vulnerability exists in GROWI v7.3.3 and earlier. If a user views a malicious page while logged in, the user may be tricked to do unintended operations.

Cross-site request forgery vulnerability exists in GROWI v7.3.3 and earlier. If a user views a malicious page while logged in, the user may be tricked to do unintended operations.

Ссылки

EPSS

Процентиль: 4%

0.00018

Низкий

5.1 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2025-64700

CVSS3: 4.3

nvd

около 2 месяцев назад

Cross-site request forgery vulnerability exists in GROWI v7.3.3 and earlier. If a user views a malicious page while logged in, the user may be tricked to do unintended operations.

EPSS

Процентиль: 4%

0.00018

Низкий

5.1 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352