Описание
A vulnerability, which was classified as problematic, was found in DaiCuo up to 1.3.13. This affects an unknown part of the file /admin.php/addon/index. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.13 (включая)
cpe:2.3:a:daicuo:daicuo:*:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00048
Низкий
4.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-352
CWE-352
Связанные уязвимости
CVSS3: 4.3
github
7 месяцев назад
A vulnerability, which was classified as problematic, was found in DaiCuo up to 1.3.13. This affects an unknown part of the file /admin.php/addon/index. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 15%
0.00048
Низкий
4.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-352
CWE-352