Описание
FreshRSS is a free, self-hostable RSS aggregator. Versions prior to 1.27.1 have a logout cross-site request forgery vulnerability that can lead to denial of service via . Version 1.27.1 patches the issue.
Ссылки
- Issue TrackingPatch
- Issue TrackingPatch
- Issue Tracking
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.27.1 (исключая)
cpe:2.3:a:freshrss:freshrss:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
5.3 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 5.3
debian
около 2 месяцев назад
FreshRSS is a free, self-hostable RSS aggregator. Versions prior to 1. ...
EPSS
Процентиль: 9%
0.00032
Низкий
5.3 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-352