Описание
OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. NOTE: The product is self-hosted by the customer, even though it has a *.outsystemsenterprise.com domain name.) NOTE: The vendor claims that the independent researcher created the report without any type of validation and that no such vulnerability exists
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10 (включая) до 11 (включая)
cpe:2.3:a:outsystems:outsystems:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00161
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. NOTE: the product is self-hosted by the customer, even though it has a *.outsystemsenterprise.com domain name.)
EPSS
Процентиль: 37%
0.00161
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352