Описание
A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request.
Ссылки
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpjabbers:cinema_booking_system:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00267
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 5.4
github
около 1 года назад
A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request.
EPSS
Процентиль: 50%
0.00267
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-352