Lucene search

MitreCVE-2023-27073

HistoryMar 14, 2023 - 3:15 p.m.

CVE-2023-27073

2023-03-1415:15:12

CWE-352

mitre

web.nvd.nist.gov

cve-2023-27073

csrf

online food ordering system

nvd

security vulnerability

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

21.0%

JSON

A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request.

Affected configurations

Nvd

Node

online_food_ordering_system_projectonline_food_ordering_systemMatch1.0

VendorProductVersionCPE
online_food_ordering_system_projectonline_food_ordering_system1.0cpe:2.3:a:online_food_ordering_system_project:online_food_ordering_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
online_food_ordering_system_project	online_food_ordering_system	1.0	cpe:2.3:a:online_food_ordering_system_project:online_food_ordering_system:1.0:::::::*

References

github.com/bhaveshkush007/CVEs/blob/main/CVE-2023-27073.txt

projectworlds.in/free-projects/php-projects/food-ordering-system-project-in-php/

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

21.0%

JSON

Related for CVE-2023-27073