exploitDog

GHSA-pr32-qm3r-fmqr

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows CSRF if the attacker uses GET where POST was intended.

An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows CSRF if the attacker uses GET where POST was intended.

Ссылки

EPSS

Процентиль: 29%

0.00103

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2020-14989

CVSS3: 6.5

nvd

почти 5 лет назад

An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows CSRF if the attacker uses GET where POST was intended.

EPSS

Процентиль: 29%

0.00103

Низкий

CVE ID

Дефекты

CWE-352