Lucene search
GoogleOSV:GHSA-GMJ8-84R4-H46JHistorySep 23, 2022 - 12:00 a.m.
rdiffweb Cross-Site Request Forgery vulnerability can lead to user email ID being changed
2022-09-2300:00:31
Google
osv.dev
14
rdiffweb
csrf
vulnerability
email id change
version 2.4.7
software
CVSS3
3.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
21.4%
rdiffwen prior to version 2.4.7 is vulnerable to Cross-Site Request Forgery (CSRF). An attacker can change a user’s email ID. Version 2.4.7 has a fix for this issue.
Related
huntr
huntr
CSRF to change the email id
2022-09-21 13:58:20
cvelist
cvelist
prion
prion
Cross site request forgery (csrf)
2022-09-22 19:15:00
github
github
osv
osv
CVE-2022-3274
2022-09-22 19:15:09
PYSEC-2022-289
2022-09-22 19:15:00
veracode
veracode
Cross-Site Request Forgery (CSRF)
2022-09-23 04:56:33
nvd
nvd
CVE-2022-3274
2022-09-22 19:15:09
cve
cve
CVE-2022-3274
2022-09-22 19:15:09
nessus
nessus
Wireshark 3.6.x < 3.6.9 Multiple Vulnerabilities (macOS)
2022-10-27 00:00:00
Wireshark 3.6.x < 3.6.9 Multiple Vulnerabilities
2022-10-27 00:00:00
kaspersky
kaspersky
KLA20110 Multiple vulnerabilities in Wireshark
2022-10-26 00:00:00
CVSS3
3.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
21.4%
Related for OSV:GHSA-GMJ8-84R4-H46J