exploitDog

CVE-2022-38297

Опубликовано: 12 сент. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning.

Ссылки

https://github.com/tobysunyaya/UCMS_vulunerablities/blob/main/UCMS%20v1.6%20cookies%20poisoning%20attack%20vulnerability
Exploit
Third Party Advisory
https://github.com/tobysunyaya/UCMS_vulunerablities/blob/main/UCMS%20v1.6%20cookies%20poisoning%20attack%20vulnerability
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ucms_project:ucms:1.6:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00421

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-565

Связанные уязвимости

GHSA-ch9m-4jxr-g98q

CVSS3: 9.8

github

больше 3 лет назад

UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning.

EPSS

Процентиль: 61%

0.00421

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-565