Lucene search
Veracode Vulnerability DatabaseVERACODE:33044HistoryNov 22, 2021 - 7:21 a.m.
Cross-Site Request Forgery (CSRF)
2021-11-2207:21:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
cross-site request forgery
kevinpapst/kimai2
projectcontroller.php
duplicateaction
admin users
duplicate teams
EPSS
0.001
Percentile
31.1%
kevinpapst/kimai2 is vulnerable to cross-site request forgery. An attacker can add admin users to duplicate teams through the duplicateAction function in ProjectController.php
Related
osv
osv
Cross-site Scripting in kimai2
2021-11-23 18:16:50
CVE-2021-3976
2021-11-19 11:15:07
github
github
Cross-site Scripting in kimai2
2021-11-23 18:16:50
cve
cve
CVE-2021-3976
2021-11-19 11:15:07
prion
prion
Cross site request forgery (csrf)
2021-11-19 11:15:00
cvelist
cvelist
CVE-2021-3976 Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
2021-11-19 10:35:10
huntr
huntr
Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
2021-11-16 10:26:07
cnvd
cnvd
kimai cross-site request forgery vulnerability
2021-11-24 00:00:00
nvd
nvd
CVE-2021-3976
2021-11-19 11:15:07