exploitDog

GHSA-vfq5-mm65-6p52

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple cross-site request forgery (CSRF) vulnerabilities in BugTracker.NET before 2.7.2 allow remote attackers to delete arbitrary bugs and perform other administrative tasks via unspecified vectors, possibly related to delete_*.aspx pages, and massedit.aspx, subscribe.aspx, flag.aspx, and relationships.aspx.

Multiple cross-site request forgery (CSRF) vulnerabilities in BugTracker.NET before 2.7.2 allow remote attackers to delete arbitrary bugs and perform other administrative tasks via unspecified vectors, possibly related to delete_*.aspx pages, and massedit.aspx, subscribe.aspx, flag.aspx, and relationships.aspx.

Ссылки

EPSS

Процентиль: 35%

0.00145

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2008-0336

nvd

около 18 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in BugTracker.NET before 2.7.2 allow remote attackers to delete arbitrary bugs and perform other administrative tasks via unspecified vectors, possibly related to delete_*.aspx pages, and massedit.aspx, subscribe.aspx, flag.aspx, and relationships.aspx.

EPSS

Процентиль: 35%

0.00145

Низкий

CVE ID

Дефекты

CWE-352