Описание
A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into the VirtueMart media manager.
EPSS
Процентиль: 12%
0.00041
Низкий
8.3 High
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.3
github
8 месяцев назад
A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into the VirtueMart media manager.
EPSS
Процентиль: 12%
0.00041
Низкий
8.3 High
CVSS3
Дефекты
CWE-352