exploitDog

GHSA-mm92-9vfh-5m9g

Опубликовано: 15 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modification, deletion, or exfiltration.

Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modification, deletion, or exfiltration.

Ссылки

EPSS

Процентиль: 34%

0.00137

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2024-50858

CVSS3: 8.8

nvd

около 1 года назад

Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modification, deletion, or exfiltration.

CVE-2024-50858

CVSS3: 8.8

debian

около 1 года назад

Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Req ...

EPSS

Процентиль: 34%

0.00137

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352