Описание
A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary commands on victim hosts via user interaction with a crafted URL.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/application-ui-rhel8 | Not affected | ||
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/console-header-rhel8 | Not affected | ||
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/console-ui-rhel8 | Not affected | ||
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/grc-ui-api-rhel8 | Not affected | ||
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/mcm-topology-api-rhel8 | Not affected | ||
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/search-ui-rhel8 | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-352
https://bugzilla.redhat.com/show_bug.cgi?id=2066570rhacm: A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary commands
EPSS
Процентиль: 68%
0.00579
Низкий
Связанные уязвимости
CVSS3: 8.8
nvd
почти 4 года назад
A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary commands on victim hosts via user interaction with a crafted URL.
CVSS3: 8.8
github
почти 4 года назад
A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary commands on victim hosts via user interaction with a crafted URL.
EPSS
Процентиль: 68%
0.00579
Низкий