CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF).

0%

发表于 2023-10-27 分类于 CVE 阅读次数： 本文字数： 430 阅读时长 ≈ 1 分钟

CVE-2023-42188 detail

> \[Suggested description\]  
> IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF).
> 
> \[Vulnerability Type\]  
> Cross Site Request Forgery (CSRF)
> 
> \[Vendor of Product\]  
> https://github.com/Thecosy/IceCMS
> 
> \[Affected Product Code Base\]  
> IceCMS - v2.0.1
> 
> \[Affected Component\]  
> After the administrator open the following page and click the the Submit request, cause the CSRF vulnerability.(exp : https://github.com/Thecosy/IceCMS/issues/17)
> 
> \[Root cause\]  
> The request header does not have csrftoken added.

Headline

CVE-2023-42188: CVE deatail

CVE: Latest News