Описание
glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /public_html/admin/plugins/bad_behavior2/blacklist.php. Using the CSRF vulnerability to trick the administrator to click, an attacker can add a blacklist.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:glfusion:glfusion:1.7.9:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00098
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
около 4 лет назад
glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /public_html/admin/plugins/bad_behavior2/blacklist.php. Using the CSRF vulnerability to trick the administrator to click, an attacker can add a blacklist.
EPSS
Процентиль: 28%
0.00098
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352