Description
emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows attackers to arbitrarily add articles.
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-09-15T22:15:07.663
3 years agoLast modified
2021-09-28T15:15:43.670
3 years ago