GHSA-jpv2-p2f8-7hfc

Опубликовано: 09 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site Request Forgery.

This

CSRF vulnerability resulting in Command Injection has been identified.

This issue affects Panilux: before v.0.10.0. NOTE: The vendor was contacted and responded that they deny ownership of the mentioned product.

Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site Request Forgery.

This

CSRF vulnerability resulting in Command Injection has been identified.

This issue affects Panilux: before v.0.10.0. NOTE: The vendor was contacted and responded that they deny ownership of the mentioned product.

Ссылки

EPSS

Процентиль: 16%

0.0005

Низкий

9.6 Critical

CVSS3

CVE ID

CVE-2025-11022

Дефекты

CWE-352

Связанные уязвимости

CVE-2025-11022

CVSS3: 9.6

nvd

2 месяца назад

Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site Request Forgery. This CSRF vulnerability resulting in Command Injection has been identified. This issue affects Panilux: before v.0.10.0. NOTE: The vendor was contacted and responded that they deny ownership of the mentioned product.

EPSS

Процентиль: 16%

0.0005

Низкий

9.6 Critical

CVSS3

CVE ID

CVE-2025-11022

Дефекты

CWE-352