GHSA-vpqv-7qjc-x42g

Published: May 24, 2022
Source: github
Github: Not reviewed

Description

An issue was discovered in BlackCat CMS v.1.3.6. There is a CSRF vulnerability (bypass csrf_token) that allows remote arbitrary code execution.

EPSS

Percentile: 56%
0.00343
Low

Weaknesses

CWE-352

Related vulnerabilities

CVSS3: 8.8
nvd
more than 5 years ago

An issue was discovered in BlackCat CMS before 1.4. There is a CSRF vulnerability (bypass csrf_token) that allows remote arbitrary code execution.
