6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.2%
eXtplorer is a web-based file manager. index.php of eXtplorer contains a cross-site request forgery (CWE-352) vulnerability.
If a user views a malicious page while logged in, the user may be forced to implicitly perform unintended operations such as the execution of arbitrary PHP code.
Update the Software
Update to the latest version according to the information provided by the developer.