Описание
A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into the VirtueMart media manager.
EPSS
Процентиль: 3%
0.00019
Низкий
8.3 High
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.3
github
8 дней назад
A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into the VirtueMart media manager.
EPSS
Процентиль: 3%
0.00019
Низкий
8.3 High
CVSS3
Дефекты
CWE-352