CVE-2019-12437 - CERT CVE

  1. CVE-2019-12437

ID CVE-2019-12437
Sažetak In SilverStripe through 4.3.3, the previous fix for SS-2018-007 does not completely mitigate the risk of CSRF in GraphQL mutations,
Reference
CVSS
Base: 6.8
Impact: 6.4
Exploitability:8.6
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 20-02-2020 - 13:14
Objavljeno 19-02-2020 - 17:15