Lucene search
Veracode Vulnerability DatabaseVERACODE:33241HistoryDec 10, 2021 - 8:26 a.m.
Cross-Site Request Forgery (CSRF)
2021-12-1008:26:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
kevinpapst/kimai2
cross-site request forgery
invoicecontroller.php
createinvoiceaction
invoice tracking
EPSS
0.001
Percentile
31.3%
kevinpapst/kimai2 is vulnerable to cross-site request forgery. The vulnerability exists in createInvoiceAction of InvoiceController.php which allows a malicious attacker to trick users to modify status of invoices and disrupt the tracking of invoices.
Related
cvelist
cvelist
CVE-2021-4033 Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
2021-12-09 19:55:10
osv
osv
Cross-Site Request Forgery in kimai2
2021-12-10 20:34:01
CVE-2021-4033
2021-12-09 20:15:08
prion
prion
Cross site request forgery (csrf)
2021-12-09 20:15:00
huntr
huntr
Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
2021-11-20 05:53:43
github
github
Cross-Site Request Forgery in kimai2
2021-12-10 20:34:01
nvd
nvd
CVE-2021-4033
2021-12-09 20:15:08
cve
cve
CVE-2021-4033
2021-12-09 20:15:08