exploitDog

CVE-2023-48063

Опубликовано: 13 нояб. 2023

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

An issue was discovered in dreamer_cms 4.1.3. There is a CSRF vulnerability that can delete a theme project via /admin/category/delete.

Ссылки

https://github.com/CP1379767017/cms/blob/dreamcms_vul/There%20is%20a%20CSRF%20vulnerability%20at%20th%20menu%20management%20location.md
Exploit
Third Party Advisory
https://github.com/CP1379767017/cms/blob/dreamcms_vul/There%20is%20a%20CSRF%20vulnerability%20at%20th%20menu%20management%20location.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:iteachyou:dreamer_cms:4.1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00051

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-7m4h-4frj-xvm5

CVSS3: 4.3

github

около 2 лет назад

An issue was discovered in dreamer_cms 4.1.3. There is a CSRF vulnerability that can delete a theme project via /admin/category/delete.

EPSS

Процентиль: 16%

0.00051

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-352