exploitDog

GHSA-q4q5-xrpm-7rv3

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.php?page=configuration&section=main or /admin.php?page=batch_manager&mode=unit. An attacker can exploit this to coerce an admin user into performing unintended actions.

Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.php?page=configuration&section=main or /admin.php?page=batch_manager&mode=unit. An attacker can exploit this to coerce an admin user into performing unintended actions.

Ссылки

EPSS

Процентиль: 38%

0.00166

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2017-17827

CVSS3: 8.8

nvd

около 8 лет назад

Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.php?page=configuration&section=main or /admin.php?page=batch_manager&mode=unit. An attacker can exploit this to coerce an admin user into performing unintended actions.

CVE-2017-17827

CVSS3: 8.8

debian

около 8 лет назад

Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.ph ...

EPSS

Процентиль: 38%

0.00166

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352