exploitDog

GHSA-w2gc-6r6c-23j2

Опубликовано: 12 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 4.3

Описание

Cross-site request forgery vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If a user accesses a malicious page while logged in, unintended operations may be performed.

Cross-site request forgery vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If a user accesses a malicious page while logged in, unintended operations may be performed.

Ссылки

EPSS

Процентиль: 4%

0.00019

Низкий

5.1 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2025-58576

CVSS3: 4.3

nvd

около 2 месяцев назад

Cross-site request forgery vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If a user accesses a malicious page while logged in, unintended operations may be performed.

EPSS

Процентиль: 4%

0.00019

Низкий

5.1 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352