exploitDog

GHSA-rfq8-469g-mx7f

Опубликовано: 10 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically administrators.

Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically administrators.

Ссылки

EPSS

Процентиль: 58%

0.00365

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2024-27474

CVSS3: 8.8

nvd

почти 2 года назад

Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically administrators.

EPSS

Процентиль: 58%

0.00365

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352