Lucene search
GoogleOSV:GHSA-CW2V-WV4G-W4P6HistorySep 18, 2022 - 12:00 a.m.
rdiffweb CSRF vulnerability in admin area can lead to deletion of repositories and users
2022-09-1800:00:30
Google
osv.dev
11
rdiffweb
csrf vulnerability
repository deletion
user deletion
admin area
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
30.0%
rdiffweb prior to 2.4.5 is vulnerable to Cross-Site Request Forgery (CSRF). An attacker exploiting this vulnerability can use it to delete repositories and users.
Related
prion
prion
Cross site request forgery (csrf)
2022-09-17 20:15:00
huntr
huntr
osv
osv
PYSEC-2022-281
2022-09-17 20:15:00
CVE-2022-3232
2022-09-17 20:15:09
cve
cve
CVE-2022-3232
2022-09-17 20:15:09
veracode
veracode
Cross-site Request Forgery (CSRF)
2022-09-19 08:48:13
cvelist
cvelist
CVE-2022-3232 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb
2022-09-17 19:40:08
nvd
nvd
CVE-2022-3232
2022-09-17 20:15:09
github
github
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
30.0%
Related for OSV:GHSA-CW2V-WV4G-W4P6