exploitDog

CVE-2019-12253

Опубликовано: 21 мая 2019

Источник: nvd

CVSS3: 6.5

CVSS2: 5.8

EPSS Низкий

Описание

my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&delete_posting.

Ссылки

https://github.com/ilosuna/mylittleforum/issues/468
Exploit
Third Party Advisory
https://github.com/ilosuna/mylittleforum/releases/tag/2.4.20
Third Party Advisory
https://github.com/ilosuna/mylittleforum/issues/468
Exploit
Third Party Advisory
https://github.com/ilosuna/mylittleforum/releases/tag/2.4.20
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mylittleforum:my_little_forum:*:*:*:*:*:*:*:*

Версия до 2.4.20 (исключая)

EPSS

Процентиль: 31%

0.00117

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-p845-hff8-c6wf

github

больше 3 лет назад

my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&delete_posting.

EPSS

Процентиль: 31%

0.00117

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-352