ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
A CSRF issue was discovered in DAViCal through 1.1.8. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests in the name of the user to the application. If the attacked user is an administrator, the attacker could for example add a new admin user.
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 1.1.9.2-1 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 1.1.9.2-1 |
| esm-apps/jammy | not-affected | 1.1.9.2-1 |
| esm-apps/noble | not-affected | 1.1.9.2-1 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
A CSRF issue was discovered in DAViCal through 1.1.8. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests in the name of the user to the application. If the attacked user is an administrator, the attacker could for example add a new admin user.
A CSRF issue was discovered in DAViCal through 1.1.8. If an authentica ...
A CSRF issue was discovered in DAViCal through 1.1.8. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests in the name of the user to the application. If the attacked user is an administrator, the attacker could for example add a new admin user.
Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡΡ ΠΌΠ½ΠΎΠΆΠ΅ΡΡΠ²Π° ΡΠ»Π΅ΠΌΠ΅Π½ΡΠΎΠ² ΡΠ΅ΡΠ²Π΅ΡΠ° ΠΎΠ±ΠΌΠ΅Π½Π° ΠΊΠ°Π»Π΅Π½Π΄Π°ΡΡΠΌΠΈ DAViCal, ΡΠ²ΡΠ·Π°Π½Π½Π°Ρ Ρ Π½Π΅Π΄ΠΎΡΡΠ°ΡΠΊΠ°ΠΌΠΈ ΠΌΠ΅Ρ Π°Π½ΠΈΠ·ΠΌΠΎΠ² ΠΏΡΠΎΡΠΈΠ²ΠΎΠ΄Π΅ΠΉΡΡΠ²ΠΈΡ ΠΌΠ΅ΠΆΡΠ°ΠΉΡΠΎΠ²ΠΎΠΉ ΡΠ°Π»ΡΡΠΈΡΠΈΠΊΠ°ΡΠΈΠΈ, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡΡΠ°Ρ Π½Π°ΡΡΡΠΈΡΠ΅Π»Ρ ΠΏΠΎΠ»ΡΡΠΈΡΡ Π½Π΅ΡΠ°Π½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½Π½ΡΠΉ Π΄ΠΎΡΡΡΠΏ ΠΊ ΠΊΠΎΠ½ΡΠΈΠ΄Π΅Π½ΡΠΈΠ°Π»ΡΠ½ΡΠΌ Π΄Π°Π½Π½ΡΠΌ, Π²ΡΠ·Π²Π°ΡΡ ΠΎΡΠΊΠ°Π· Π² ΠΎΠ±ΡΠ»ΡΠΆΠΈΠ²Π°Π½ΠΈΠΈ ΠΈ ΠΎΠΊΠ°Π·Π°ΡΡ Π²ΠΎΠ·Π΄Π΅ΠΉΡΡΠ²ΠΈΠ΅ Π½Π° ΡΠ΅Π»ΠΎΡΡΠ½ΠΎΡΡΡ Π΄Π°Π½Π½ΡΡ
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3