exploitDog

CVE-2021-46028

Опубликовано: 20 янв. 2022

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

In mblog <= 3.5.0 there is a CSRF vulnerability in the background article management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, the article will be deleted.

Ссылки

https://github.com/langhsu/mblog/issues/50
Exploit
Issue Tracking
Third Party Advisory
https://github.com/langhsu/mblog/issues/50
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mblog_project:mblog:*:*:*:*:*:*:*:*

Версия до 3.5.0 (включая)

EPSS

Процентиль: 27%

0.00098

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-57jj-772p-fq8q

github

около 4 лет назад

In mblog <= 3.5.0 there is a CSRF vulnerability in the background article management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, the article will be deleted.

EPSS

Процентиль: 27%

0.00098

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352