Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-6819

Опубликовано: 12 мар. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This.

РелизСтатусПримечание
artful

not-affected

4.7.3+dfsg-1
bionic

not-affected

4.7.3+dfsg-1
cosmic

not-affected

4.7.3+dfsg-1
devel

not-affected

4.7.3+dfsg-1
disco

not-affected

4.7.3+dfsg-1
eoan

not-affected

4.7.3+dfsg-1
esm-apps/bionic

not-affected

4.7.3+dfsg-1
esm-apps/focal

not-affected

4.7.3+dfsg-1
esm-apps/jammy

not-affected

4.7.3+dfsg-1
esm-apps/noble

not-affected

4.7.3+dfsg-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 92%
0.0818
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-6819

CVSS3: 6.5
nvd
больше 8 лет назад

In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This.

debian логотип

CVE-2017-6819

CVSS3: 6.5
debian
больше 8 лет назад

In WordPress before 4.7.3, there is cross-site request forgery (CSRF) ...

github логотип

GHSA-34f4-j2gj-cg3x

CVSS3: 6.5
github
около 3 лет назад

In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This.

EPSS

Процентиль: 92%
0.0818
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3