exploitDog

CVE-2022-25523

Опубликовано: 25 мар. 2022

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is exploited via a crafted POST request.

Ссылки

http://typesettercms.com
Product
https://github.com/Typesetter/Typesetter/issues/697
Exploit
Third Party Advisory
https://www.typesettercms.com/User
Permissions Required
Product
http://typesettercms.com
Product
https://github.com/Typesetter/Typesetter/issues/697
Exploit
Third Party Advisory
https://www.typesettercms.com/User
Permissions Required
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:typesettercms:typesetter:5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00212

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-qr7c-643q-xrf5

CVSS3: 8.8

github

почти 4 года назад

TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is exploited via a crafted POST request.

EPSS

Процентиль: 44%

0.00212

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352