Lucene search
Veracode Vulnerability DatabaseVERACODE:7630HistoryOct 22, 2018 - 9:32 a.m.
Cross-Site Request Forgery (CSRF)
2018-10-2209:32:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
50.1%
tribalsystems/zenario is vulnerable to cross-site request forgery (CSRF). The application does not verify the authenticity of a request to admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent, which allows an attacker to submit a request on behalf of the victim when the victim visits a malicious HTML page.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tribalsystems/zenario | eq | 8.3.47997 | |
| tribalsystems/zenario | eq | 42085 | |
| tribalsystems/zenario | eq | 8.3.47997 | |
| tribalsystems/zenario | eq | 42085 |
Related
cve
cve
CVE-2018-18420
2018-10-19 22:29:02
cvelist
cvelist
CVE-2018-18420
2018-10-19 22:00:00
packetstorm
packetstorm
Zenar Content Management System 8.3 Cross Site Request Forgery
2018-10-18 00:00:00
github
github
Zenario CMS vulnerable to CSRF
2022-05-14 01:53:42
osv
osv
Zenario CMS vulnerable to CSRF
2022-05-14 01:53:42
prion
prion
Cross site request forgery (csrf)
2018-10-19 22:29:00
nvd
nvd
CVE-2018-18420
2018-10-19 22:29:02