Lucene search
+L

CVE-2020-28858

🗓️ 14 Dec 2020 18:58:03Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 46 Views🌐 WEB

OpenAsset DAM v12.0.19 CSRF vulnerabilit

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
Circl
CVE-2020-28858
14 Dec 202022:39
circl
CNNVD
Openasset Cross-Site Request Forgery Vulnerability
11 Dec 202000:00
cnnvd
Cvelist
CVE-2020-28858
14 Dec 202018:58
cvelist
EUVD
EUVD-2020-21250
7 Oct 202500:30
euvd
NVD
CVE-2020-28858
14 Dec 202019:15
nvd
OSV
CVE-2020-28858
14 Dec 202019:15
osv
Packet Storm
OpenAsset Digital Asset Management Cross Site Request Forgery
11 Dec 202000:00
packetstorm
Prion
Cross site request forgery (csrf)
14 Dec 202019:15
prion
Positive Technologies
PT-2020-17045
14 Dec 202000:00
ptsecurity
RedhatCVE
CVE-2020-28858
22 May 202515:27
redhatcve
Rows per page
NVD
ParameterPositionPathDescriptionCWE
coderequest bodyAJAXPage/EditDownloadCSRF vulnerability enabling an attacker to perform unintended actions on behalf of an authenticated user (via a crafted form submission to EditDownload).CWE-352
namerequest bodyAJAXPage/EditDownloadCSRF vulnerability enabling an attacker to perform unintended actions on behalf of an authenticated user (via a crafted form submission to EditDownload).CWE-352
descriptionrequest bodyAJAXPage/EditDownloadCSRF vulnerability enabling an attacker to perform unintended actions on behalf of an authenticated user (via a crafted form submission to EditDownload).CWE-352
expiresrequest bodyAJAXPage/EditDownloadCSRF vulnerability enabling an attacker to perform unintended actions on behalf of an authenticated user (via a crafted form submission to EditDownload).CWE-352
expiryDaterequest bodyAJAXPage/EditDownloadCSRF vulnerability enabling an attacker to perform unintended actions on behalf of an authenticated user (via a crafted form submission to EditDownload).CWE-352
maximumDownloadsrequest bodyAJAXPage/EditDownloadCSRF vulnerability enabling an attacker to perform unintended actions on behalf of an authenticated user (via a crafted form submission to EditDownload).CWE-352
notifyEveryDownloadrequest bodyAJAXPage/EditDownloadCSRF vulnerability enabling an attacker to perform unintended actions on behalf of an authenticated user (via a crafted form submission to EditDownload).CWE-352
aliverequest bodyAJAXPage/EditDownloadCSRF vulnerability enabling an attacker to perform unintended actions on behalf of an authenticated user (via a crafted form submission to EditDownload).CWE-352
actionrequest bodyAJAXPage/EditDownloadCSRF vulnerability enabling an attacker to perform unintended actions on behalf of an authenticated user (via a crafted form submission to EditDownload).CWE-352

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

09 Jul 2026 01:16Current
8.6High risk
Vulners AI Score8.6
CVSS 26.8
CVSS 3.18.8
EPSS0.01036
46