Описание
Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.
Ссылки
- Vendor Advisory
- ExploitPatch
- PatchVendor Advisory
- Vendor Advisory
- ExploitPatch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dokeos:dokeos:1.8.5:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00172
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
почти 4 года назад
Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.
EPSS
Процентиль: 39%
0.00172
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-352