Lucene search

[email protected]NVD:CVE-2023-51813

HistoryJan 30, 2024 - 1:15 a.m.

CVE-2023-51813

2024-01-3001:15:58

CWE-352

[email protected]

web.nvd.nist.gov

cve-2023-51813

cross site request forgery

inventory system v1.0

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

29.9%

JSON

Cross Site Request Forgery (CSRF) vulnerability in Free Open-Source Inventory Management System v.1.0 allows a remote attacker to execute arbitrary code via the staff_list parameter in the index.php component.

Affected configurations

Nvd

Node

free_and_open_source_inventory_management_system_projectfree_and_open_source_inventory_management_systemMatch1.0

VendorProductVersionCPE
free_and_open_source_inventory_management_system_projectfree_and_open_source_inventory_management_system1.0cpe:2.3:a:free_and_open_source_inventory_management_system_project:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
free_and_open_source_inventory_management_system_project	free_and_open_source_inventory_management_system	1.0	cpe:2.3:a:free_and_open_source_inventory_management_system_project:free_and_open_source_inventory_management_system:1.0:::::::*

References

github.com/xxxxfang/CVE-Apply/blob/main/csrf-1.md

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

29.9%

JSON

Related for NVD:CVE-2023-51813

cvelist1 cve1 prion1