Описание
LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Boxes that can result in CSRF admins to delete boxes. This vulnerability appears to have been fixed in 3.6.x.
Ссылки
- Issue TrackingPatchVendor Advisory
- ExploitIssue TrackingVendor Advisory
- Issue TrackingPatchVendor Advisory
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:limesurvey:limesurvey:3.0.0:beta.3\+17110:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00087
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 4.3
debian
больше 7 лет назад
LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request For ...
CVSS3: 4.3
github
больше 3 лет назад
LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Boxes that can result in CSRF admins to delete boxes. This vulnerability appears to have been fixed in 3.6.x.
EPSS
Процентиль: 25%
0.00087
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352