exploitDog

GHSA-mvf8-mv9q-4hv5

Опубликовано: 04 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

PeteReport Version 0.5 contains a Cross Site Request Forgery (CSRF) vulnerability allowing an attacker to trick users into deleting users, products, reports and findings on the application.

PeteReport Version 0.5 contains a Cross Site Request Forgery (CSRF) vulnerability allowing an attacker to trick users into deleting users, products, reports and findings on the application.

Ссылки

EPSS

Процентиль: 27%

0.00098

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2022-23052

CVSS3: 6.5

nvd

почти 4 года назад

PeteReport Version 0.5 contains a Cross Site Request Forgery (CSRF) vulnerability allowing an attacker to trick users into deleting users, products, reports and findings on the application.

EPSS

Процентиль: 27%

0.00098

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352