Lucene search

CVE-2022-4646

🗓️ 22 Dec 2022 02:08:15Reported by @huntrdevType

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 10
OSV	CVE-2022-4646	22 Dec 202202:15	–	osv
OSV	rdiffweb vulnerable to Cross-Site Request Forgery	22 Dec 202203:30	–	osv
OSV	PYSEC-2022-43004	22 Dec 202202:15	–	osv
Cvelist	CVE-2022-4646 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb	22 Dec 202200:00	–	cvelist
NVD	CVE-2022-4646	22 Dec 202202:15	–	nvd
Veracode	Cross Site Request Forgery (CSRF)	27 Dec 202205:05	–	veracode
Github Security Blog	rdiffweb vulnerable to Cross-Site Request Forgery	22 Dec 202203:30	–	github
Huntr	Lack of CSRF Token in Logout	5 Dec 202206:41	–	huntr
Vulnrichment	CVE-2022-4646 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb	22 Dec 202200:00	–	vulnrichment
Prion	Cross site request forgery (csrf)	22 Dec 202202:15	–	prion

Nvd

Node

ikus-soft rdiffwebRange<2.5.4

[
  {
    "vendor": "ikus060",
    "product": "ikus060/rdiffweb",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "2.5.4",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/ikus060/rdiffweb/commit/e6f0d8002129be90fe82fa3e3ea0a6942caba398
huntr	www.huntr.dev/bounties/17bc1b0f-1f5c-432f-88e4-c9866ccf6e10

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Dec 2022 02:15Current

5.8Medium risk

Vulners AI Score5.8

CVSS35.3 - 6.5

EPSS0.00048

SSVC

CWE-352