Описание
A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints.
Ссылки
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:yassmittal:commercify:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.0009
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 6.3
github
10 месяцев назад
A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints.
EPSS
Процентиль: 26%
0.0009
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-352