Lucene search
Veracode Vulnerability DatabaseVERACODE:33889HistoryJan 25, 2022 - 5:41 a.m.
Cross-Site Request Forgery (CSRF)
2022-01-2505:41:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
40.6%
yetiforce/yetiforce-crm is vulnerable to cross-site request forgery. The vulnerability exists due to insufficient permissions checks which allows a malicious attacker to create a new admin account and cause a csrf attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| yetiforce/yetiforce-crm | le | 6.3.0 | |
| yetiforce/yetiforce-crm | le | 6.3.0 |
Related
huntr
huntr
Cross-Site Request Forgery (CSRF) in yetiforcecompany/yetiforcecrm
2022-01-12 12:01:52
osv
osv
Cross-Site Request Forgery in yetiforce
2022-01-27 16:21:33
CVE-2022-0269
2022-01-24 12:15:07
cnvd
cnvd
YetiForceCrm Cross-site Request Forgery Vulnerability (CNVD-2022-08153)
2022-01-26 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2022-0269
2022-01-24 12:15:07
cve
cve
CVE-2022-0269
2022-01-24 12:15:07
github
github
Cross-Site Request Forgery in yetiforce
2022-01-27 16:21:33
prion
prion
Cross site request forgery (csrf)
2022-01-24 12:15:00