exploitDog

GHSA-mhx4-qfxf-fxmg

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site request forgery (CSRF) vulnerability in Zenoss Core through 5 Beta 3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger arbitrary code execution via a ZenPack upload, aka ZEN-15388.

Cross-site request forgery (CSRF) vulnerability in Zenoss Core through 5 Beta 3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger arbitrary code execution via a ZenPack upload, aka ZEN-15388.

Ссылки

EPSS

Процентиль: 66%

0.00522

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2014-9385

nvd

около 11 лет назад

Cross-site request forgery (CSRF) vulnerability in Zenoss Core through 5 Beta 3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger arbitrary code execution via a ZenPack upload, aka ZEN-15388.

CVE-2014-9385

debian

около 11 лет назад

Cross-site request forgery (CSRF) vulnerability in Zenoss Core through ...

EPSS

Процентиль: 66%

0.00522

Низкий

CVE ID

Дефекты

CWE-352