Lucene search
K

6 matches found

OSV
OSV
added 2025/12/15 8:15 p.m.7 views

GO-2025-4231 1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality in github.com/1Panel-dev/1Panel

1Panel contains a cross-site request forgery CSRF vulnerability in the web port configuration functionality in github.com/1Panel-dev/1Panel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is...

7.1CVSS6.7AI score0.0015EPSS
Exploits0References5
Snyk
Snyk
added 2025/12/10 9:31 p.m.1 views

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the port-change endpoint in the web port configuration process. An attacker can cause service disruption or loss of access by tricking an authenticated user into submitting a crafted request, which...

7.1CVSS6.6AI score0.0015EPSS
Exploits0References2
OSV
OSV
added 2025/12/10 9:31 p.m.7 views

GHSA-WRVC-X3WF-J5F5 1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery CSRF vulnerability in the web port configuration functionality. The port-change endpoint lacks CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a...

7.1CVSS6.9AI score0.0015EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/12/10 9:31 p.m.8 views

1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery CSRF vulnerability in the web port configuration functionality. The port-change endpoint lacks CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a...

7.1CVSS7AI score0.0015EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/12/10 12:0 a.m.10 views

1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery CSRF vulnerability in the web port configuration functionality. The port-change endpoint lacks CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a...

7.1CVSS7AI score0.0015EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.6 views

1Panel 跨站请求伪造漏洞

1Panel is an open source Linux server operation and management panel from the China 1Panel community. A cross-site request forgery vulnerability exists in 1Panel versions 1.10.33 through 2.0.15. The vulnerability stems from the Web Port Configuration feature that does not implement CSRF protectio...

7.1CVSS6.5AI score0.0015EPSS
Exploits0References4
Rows per page
Query Builder