exploitDog

CVE-2025-3257

Опубликовано: 04 апр. 2025

Источник: nvd

CVSS3: 4.3

CVSS2: 5

EPSS Низкий

Описание

A vulnerability classified as problematic has been found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/caigo8/CVE-md/blob/main/admintwo/CSRF.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.303327
Permissions Required
VDB Entry
https://vuldb.com/?id.303327
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.549011
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xujiangfei:admintwo:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00079

Низкий

4.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-352

CWE-352

Связанные уязвимости

GHSA-wfhr-c5cc-3grg

CVSS3: 4.3

github

10 месяцев назад

A vulnerability classified as problematic has been found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 24%

0.00079

Низкий

4.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-352

CWE-352