Lucene search

K
cve[email protected]CVE-2022-36250
HistoryMay 30, 2023 - 8:15 p.m.

CVE-2022-36250

2023-05-3020:15:09
CWE-352
web.nvd.nist.gov
8
cve-2022-36250
shop beat solutions
pty ltd
cross site request forgery
csrf
nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.9%

Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery (CSRF).

Affected configurations

NVD
Node
shopbeatshop_beat_media_playerRange2.5.953.2.57arm

CNA Affected

[
  {
    "vendor": "Shop Beat",
    "product": "studio",
    "versions": [
      {
        "version": "studio",
        "status": "affected",
        "lessThan": "3.2.57",
        "versionType": "custom"
      }
    ],
    "platforms": [
      "arm"
    ]
  }
]

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.9%

Related for CVE-2022-36250