PT-2018-11804 · Jirafeau · Jirafeau
Publicado
2018-07-06
·
Atualizado
2018-08-23
·
CVE-2018-13407
CVSS v2.0
5.5
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Jirafeau versions prior to 3.4.1
Description
A CSRF issue was discovered in the "delete file" feature on the admin panel, which is not protected against automated requests and could be abused.
Recommendations
For versions prior to 3.4.1, update to version 3.4.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin panel to minimize the risk of exploitation.
Exploit
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Jirafeau