CVE-2024-36452

Sažetak

Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted.

Reference

https://jvn.jp/en/jp/JVN81442045/
https://webmin.com/

CVSS

Base:	3.1
Impact:	1.4
Exploitability:	1.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Zadnje važnije ažuriranje

05-11-2024 - 22:35

Objavljeno

10-07-2024 - 07:15