exploitDog

CVE-2022-0515

Опубликовано: 21 мар. 2022

Источник: nvd

CVSS3: 4.3

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4.

Ссылки

https://github.com/crater-invoice/crater/commit/2b7028b7c83fd6e8897f244a2e6723baa20479e5
Patch
Third Party Advisory
https://huntr.dev/bounties/efb93f1f-1896-4a4c-a059-9ecadac1c4de
Exploit
Third Party Advisory
https://github.com/crater-invoice/crater/commit/2b7028b7c83fd6e8897f244a2e6723baa20479e5
Patch
Third Party Advisory
https://huntr.dev/bounties/efb93f1f-1896-4a4c-a059-9ecadac1c4de
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:craterapp:crater:*:*:*:*:*:*:*:*

Версия до 6.0.4 (исключая)

EPSS

Процентиль: 31%

0.00117

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

CWE-352

Связанные уязвимости

GHSA-q4h7-8qhh-5p55

CVSS3: 4.3

github

почти 4 года назад

Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4.

EPSS

Процентиль: 31%

0.00117

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

CWE-352