Lucene search
GoogleOSV:GHSA-F6XP-59JQ-R35CHistoryApr 04, 2023 - 3:30 p.m.
Phachon mm-wiki Cross Site Request Forgery vulnerability
2023-04-0415:30:28
Google
osv.dev
4
phachon mm-wiki
cross site request forgery
vulnerability
remote code execution
system/user/save parameter
software
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
70.5%
Cross Site Request Forgery vulnerability found in Phachon mm-wiki v.0.1.2 allows a remote attacker to execute arbitrary code via the system/user/save parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/phachon/mm-wiki | le | 0.1.2 |
Related
cve
cve
CVE-2020-19278
2023-04-04 15:15:07
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-04-28 11:58:12
cvelist
cvelist
CVE-2020-19278
2023-04-04 00:00:00
nvd
nvd
CVE-2020-19278
2023-04-04 15:15:07
prion
prion
Cross site request forgery (csrf)
2023-04-04 15:15:00
osv
osv
CVE-2020-19278
2023-04-04 15:15:07
github
github
Phachon mm-wiki Cross Site Request Forgery vulnerability
2023-04-04 15:30:28
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
70.5%
Related for OSV:GHSA-F6XP-59JQ-R35C