exploitDog

CVE-2021-33396

Опубликовано: 15 фев. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php.

Ссылки

https://github.com/baijiacms/baijiacmsV4/issues/7
Exploit
Vendor Advisory
https://github.com/baijiacms/baijiacmsV4/issues/7
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:baijiacms_project:baijiacms:4.1.4:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00138

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-352

CWE-352

Связанные уязвимости

GHSA-hx85-xr64-jmwv

CVSS3: 6.5

github

почти 3 года назад

Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php.

EPSS

Процентиль: 34%

0.00138

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-352

CWE-352