5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-230458 is the identifier assigned to this vulnerability.
Vendor | Product | Version | CPE |
---|---|---|---|
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.0 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.0:*:*:*:*:*:*:* |
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.1 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.1:*:*:*:*:*:*:* |
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.2 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.2:*:*:*:*:*:*:* |
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.3 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.3:*:*:*:*:*:*:* |
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.4 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.4:*:*:*:*:*:*:* |
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.5 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.5:*:*:*:*:*:*:* |
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.6 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.6:*:*:*:*:*:*:* |
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.7 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.7:*:*:*:*:*:*:* |
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.8 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.8:*:*:*:*:*:*:* |
pythagorean_oa_office_system_project | pythagorean_oa_office_system | 4.50.9 | cpe:2.3:a:pythagorean_oa_office_system_project:pythagorean_oa_office_system:4.50.9:*:*:*:*:*:*:* |
[
{
"vendor": "Guangdong",
"product": "Pythagorean OA Office System",
"versions": [
{
"version": "4.50.0",
"status": "affected"
},
{
"version": "4.50.1",
"status": "affected"
},
{
"version": "4.50.2",
"status": "affected"
},
{
"version": "4.50.3",
"status": "affected"
},
{
"version": "4.50.4",
"status": "affected"
},
{
"version": "4.50.5",
"status": "affected"
},
{
"version": "4.50.6",
"status": "affected"
},
{
"version": "4.50.7",
"status": "affected"
},
{
"version": "4.50.8",
"status": "affected"
},
{
"version": "4.50.9",
"status": "affected"
},
{
"version": "4.50.10",
"status": "affected"
},
{
"version": "4.50.11",
"status": "affected"
},
{
"version": "4.50.12",
"status": "affected"
},
{
"version": "4.50.13",
"status": "affected"
},
{
"version": "4.50.14",
"status": "affected"
},
{
"version": "4.50.15",
"status": "affected"
},
{
"version": "4.50.16",
"status": "affected"
},
{
"version": "4.50.17",
"status": "affected"
},
{
"version": "4.50.18",
"status": "affected"
},
{
"version": "4.50.19",
"status": "affected"
},
{
"version": "4.50.20",
"status": "affected"
},
{
"version": "4.50.21",
"status": "affected"
},
{
"version": "4.50.22",
"status": "affected"
},
{
"version": "4.50.23",
"status": "affected"
},
{
"version": "4.50.24",
"status": "affected"
},
{
"version": "4.50.25",
"status": "affected"
},
{
"version": "4.50.26",
"status": "affected"
},
{
"version": "4.50.27",
"status": "affected"
},
{
"version": "4.50.28",
"status": "affected"
},
{
"version": "4.50.29",
"status": "affected"
},
{
"version": "4.50.30",
"status": "affected"
},
{
"version": "4.50.31",
"status": "affected"
}
]
}
]
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%