Lucene search

K

GoogleOSV:CVE-2021-46426

HistoryMar 25, 2022 - 4:15 p.m.

CVE-2021-46426

2022-03-2516:15:09

Google

osv.dev

5

phpipam 1.4.4

reflected xss

csrf

subnets functionality

AI Score

6.1

Confidence

High

EPSS

0.004

Percentile

72.7%

phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality.

References

packetstormsecurity.com/files/167227/PHPIPAM-1.4.4-Cross-Site-Request-Forgery-Cross-Site-Scripting.html

seclists.org/fulldisclosure/2022/May/43

github.com/phpipam

github.com/phpipam/phpipam/commit/6c1f72816d6ac634e9c174057e008717d959f351

www.tempest.com.br

AI Score

6.1

Confidence

High

EPSS

0.004

Percentile

72.7%

Related for OSV:CVE-2021-46426

nvd1 zdt1 cvelist1 packetstorm1 cve1 prion1 openvas1