EPSS
Percentile
34.2%
nsupdate is vulnerable to cross-site request forgery. The vulnerability exists in CSRF_COOKIE_HTTPONLY cookie in base.py due to lack of proper security HTTP headers which allows an attacker to gain access to sensitive information in the system.
CSRF_COOKIE_HTTPONLY
base.py
github.com/advisories/GHSA-mwvp-qr62-cvjx
github.com/nsupdate-info/nsupdate.info/commit/60a3fe559c453bc36b0ec3e5dd39c1303640a59a
github.com/nsupdate-info/nsupdate.info/issues/411
github.com/nsupdate-info/nsupdate.info/pull/410
vuldb.com/?ctiid.216909
vuldb.com/?id.216909