Количество 3
Количество 3
CVE-2024-39063
Lime Survey <= 6.5.12 is vulnerable to Cross Site Request Forgery (CSRF). The YII_CSRF_TOKEN is only checked when passed in the body of POST requests, but the same check isn't performed in the equivalent GET requests.
CVE-2024-39063
Lime Survey <= 6.5.12 is vulnerable to Cross Site Request Forgery (CSR ...
GHSA-r99h-ggx3-p9p6
Lime Survey <= 6.5.12 is vulnerable to Cross Site Request Forgery (CSRF). The YII_CSRF_TOKEN is only checked when passed in the body of POST requests, but the same check isn't performed in the equivalent GET requests.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-39063 Lime Survey <= 6.5.12 is vulnerable to Cross Site Request Forgery (CSRF). The YII_CSRF_TOKEN is only checked when passed in the body of POST requests, but the same check isn't performed in the equivalent GET requests. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-39063 Lime Survey <= 6.5.12 is vulnerable to Cross Site Request Forgery (CSR ... | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| GHSA-r99h-ggx3-p9p6 Lime Survey <= 6.5.12 is vulnerable to Cross Site Request Forgery (CSRF). The YII_CSRF_TOKEN is only checked when passed in the body of POST requests, but the same check isn't performed in the equivalent GET requests. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу