Lucene search
GoogleOSV:CVE-2023-25015HistoryFeb 02, 2023 - 4:15 a.m.
CVE-2023-25015
2023-02-0204:15:08
Google
osv.dev
3
clockwork web
csrf
rails
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
27.2%
Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF.
Related
github
github
cve
cve
CVE-2023-25015
2023-02-02 04:15:08
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-02-08 06:58:49
nvd
nvd
CVE-2023-25015
2023-02-02 04:15:08
rubygems
rubygems
CSRF Vulnerability with Rails < 5.2
2023-01-31 21:00:00
osv
osv
prion
prion
Cross site request forgery (csrf)
2023-02-02 04:15:00
cvelist
cvelist
CVE-2023-25015
2023-02-02 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
27.2%
Related for OSV:CVE-2023-25015