Lucene search
Veracode Vulnerability DatabaseVERACODE:40334HistoryApr 28, 2023 - 11:58 a.m.
Cross-Site Request Forgery (CSRF)
2023-04-2811:58:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
cross-site request forgery
csrf
vulnerability
github.com/phachon/mm-wiki
save function
user.go
arbitrary code
0.003 Low
EPSS
Percentile
70.5%
github.com/phachon/mm-wiki is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists in Save function of user.go which allows an attacker to execute arbitrary code via the system/user/save parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/phachon/mm-wiki | le | v0.1.2 | |
| github.com/phachon/mm-wiki | le | v0.1.2 |
Related
cve
cve
CVE-2020-19278
2023-04-04 15:15:07
osv
osv
Phachon mm-wiki Cross Site Request Forgery vulnerability
2023-04-04 15:30:28
CVE-2020-19278
2023-04-04 15:15:07
cvelist
cvelist
CVE-2020-19278
2023-04-04 00:00:00
nvd
nvd
CVE-2020-19278
2023-04-04 15:15:07
prion
prion
Cross site request forgery (csrf)
2023-04-04 15:15:00
github
github
Phachon mm-wiki Cross Site Request Forgery vulnerability
2023-04-04 15:30:28