exploitDog

GHSA-qmmp-gc5q-cq8j

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

An issue was discovered in TuziCMS v2.0.6. There is a CSRF vulnerability that can add an admin account, as demonstrated by a history.pushState call.

An issue was discovered in TuziCMS v2.0.6. There is a CSRF vulnerability that can add an admin account, as demonstrated by a history.pushState call.

Ссылки

EPSS

Процентиль: 33%

0.00134

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2018-10185

CVSS3: 8.8

nvd

почти 8 лет назад

An issue was discovered in TuziCMS v2.0.6. There is a CSRF vulnerability that can add an admin account, as demonstrated by a history.pushState call.

EPSS

Процентиль: 33%

0.00134

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352