Lucene search
Veracode Vulnerability DatabaseVERACODE:33046HistoryNov 22, 2021 - 7:57 a.m.
Cross-Site Request Forgery (CSRF)
2021-11-2207:57:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
cross-site request forgery
csrf
kevinpapst/kimai2
customercontroller.php
invoice templates
deletecommentaction function
software security
EPSS
0.001
Percentile
31.1%
kevinpapst/kimai2 is vulnerable to cross-site request forgery. An attacker can delete invoice templates through the deleteCommentAction function in CustomerController.php
Related
prion
prion
Cross site request forgery (csrf)
2021-11-19 12:15:00
cvelist
cvelist
CVE-2021-3963 Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
2021-11-19 11:50:10
huntr
huntr
Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
2021-11-15 07:43:53
osv
osv
Cross-site Scripting in kimai2
2021-11-23 18:16:43
CVE-2021-3963
2021-11-19 12:15:09
github
github
Cross-site Scripting in kimai2
2021-11-23 18:16:43
nvd
nvd
CVE-2021-3963
2021-11-19 12:15:09
cve
cve
CVE-2021-3963
2021-11-19 12:15:09