exploitDog

GHSA-q82f-8246-gmrw

Опубликовано: 23 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 5.3

Описание

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages that submit HTTP requests to the radio processing interface, triggering unintended administrative operations when a logged-in user visits the page.

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages that submit HTTP requests to the radio processing interface, triggering unintended administrative operations when a logged-in user visits the page.

Ссылки

EPSS

Процентиль: 17%

0.00054

Низкий

5.1 Medium

CVSS4

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2023-53961

CVSS3: 5.3

nvd

около 2 месяцев назад

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages that submit HTTP requests to the radio processing interface, triggering unintended administrative operations when a logged-in user visits the page.

EPSS

Процентиль: 17%

0.00054

Низкий

5.1 Medium

CVSS4

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352