Lucene search
Veracode Vulnerability DatabaseVERACODE:33053HistoryNov 22, 2021 - 3:19 p.m.
Cross Site Request Forgery (CSRF)
2021-11-2215:19:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
csrf
cross-site request forgery
kimai2
vulnerability
deletelogfileaction
unauthenticated actions
EPSS
0.001
Percentile
31.1%
kimai2 is vulnerable to cross-site request forgery attacks. The vulnerability exists in deleteLogfileAction function in DoctorController.php which allows a malicious attacker to perform unauthenticated deletions of existing log files performing unauthenticated actions.
Related
prion
prion
Cross site request forgery (csrf)
2021-11-19 12:15:00
osv
osv
CVE-2021-3957
2021-11-19 12:15:08
Cross-site Scripting in kimai2
2021-11-23 17:59:40
huntr
huntr
Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
2021-11-08 19:29:52
cve
cve
CVE-2021-3957
2021-11-19 12:15:08
github
github
Cross-site Scripting in kimai2
2021-11-23 17:59:40
cvelist
cvelist
CVE-2021-3957 Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
2021-11-19 12:00:11
nvd
nvd
CVE-2021-3957
2021-11-19 12:15:08