CVE-2020-36534

Опубликовано: 07 июн. 2022

Источник: nvd

CVSS3: 4.3

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

A vulnerability was found in easyii CMS. It has been classified as problematic. Affected is an unknown function of the file /admin/sign/out. The manipulation leads to cross site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/noumo/easyii/
Product
https://vuldb.com/?id.160278
Exploit
Third Party Advisory
VDB Entry
https://github.com/noumo/easyii/
Product
https://vuldb.com/?id.160278
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:easyiicms:easyiicms:-:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00114

Низкий

4.3 Medium

CVSS3

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-3x3w-vcjx-7796

CVSS3: 4.3

github

больше 3 лет назад

Cross-Site Request Forgery in easyii CMS

EPSS

Процентиль: 30%

0.00114

Низкий

4.3 Medium

CVSS3

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352