Lucene search
MitreCVE-2024-28668HistoryMar 13, 2024 - 1:15 p.m.
CVE-2024-28668
2024-03-1313:15:48
mitre
web.nvd.nist.gov
2
dedecms
csrf
vulnerability
web security
nvd
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7.4
Confidence
High
EPSS
0
Percentile
9.0%
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/mychannel_add.php
References
Related
vulnrichment
vulnrichment
CVE-2024-28668
2024-03-13 00:00:00
prion
prion
Cross site request forgery (csrf)
2024-03-13 13:15:00
cvelist
cvelist
CVE-2024-28668
2024-03-13 00:00:00
nvd
nvd
CVE-2024-28668
2024-03-13 13:15:48
openvas
openvas
DedeCMS V5.7 SP2 Multiple Vulnerabilities (Mar/Apr/May/Jul 2024)
2024-06-06 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7.4
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-28668