Описание
Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors.
Ссылки
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 1.2 (включая)Версия до 1.2 (включая)
Одно из
cpe:2.3:a:itd-inc:bingo\!cms:*:-:commercial:*:*:*:*:*
cpe:2.3:a:itd-inc:bingo\!cms:*:-:core:*:*:*:*:*
EPSS
Процентиль: 37%
0.00161
Низкий
6.5 Medium
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
CWE-352
Связанные уязвимости
CVSS3: 6.5
github
почти 4 года назад
Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors.
EPSS
Процентиль: 37%
0.00161
Низкий
6.5 Medium
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
CWE-352