Описание
Gadu-Gadu does not properly perform protocol handling, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and add arbitrary user accounts or cause a denial of service as administrators via an unspecified "crafted link," possibly related to the gg protocol.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:*:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00124
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
почти 4 года назад
Gadu-Gadu does not properly perform protocol handling, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and add arbitrary user accounts or cause a denial of service as administrators via an unspecified "crafted link," possibly related to the gg protocol.
EPSS
Процентиль: 32%
0.00124
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-352