Lucene search

K
osvGoogleOSV:GHSA-M9HV-QMQH-33QH
HistoryMay 24, 2022 - 7:21 p.m.

EC-CUBE Cross-site request forgery (CSRF) vulnerability

2022-05-2419:21:18
Google
osv.dev
6

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.1%

Cross-site request forgery (CSRF) vulnerability in EC-CUBE 2 series 2.11.0 to 2.17.1 allows a remote attacker to hijack the authentication of Administrator and delete Administrator via a specially crafted web page.

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.1%

Related for OSV:GHSA-M9HV-QMQH-33QH