Описание
The web application is not protected against cross-site request forgery attacks. Therefore, an attacker can trick users into performing actions on the application when they visit an attacker-controlled website or click on a malicious link. E.g. an attacker can forge malicious links to reset the admin password or create new users.
EPSS
Процентиль: 23%
0.00075
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 6.3
github
около 1 года назад
The web application is not protected against cross-site request forgery attacks. Therefore, an attacker can trick users into performing actions on the application when they visit an attacker-controlled website or click on a malicious link. E.g. an attacker can forge malicious links to reset the admin password or create new users.
EPSS
Процентиль: 23%
0.00075
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-352