exploitDog

CVE-2018-14520

Опубликовано: 24 авг. 2022

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

An issue was discovered in Kirby 2.5.12. The application allows malicious HTTP requests to be sent in order to trick a user into adding web pages.

Ссылки

http://zaranshaikh.blogspot.com/2018/07/cross-site-request-forgery-kirby-cms.html
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/45068
Third Party Advisory
VDB Entry
http://zaranshaikh.blogspot.com/2018/07/cross-site-request-forgery-kirby-cms.html
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/45068
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:getkirby:kirby:2.5.12:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.0022

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-h3w2-qg2r-c7mf

CVSS3: 5.4

github

больше 3 лет назад

Kirby CMS 2.5.12 Cross-site Scripting

EPSS

Процентиль: 44%

0.0022

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79