8.8

CVE-2022-32320

A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FerdiumFerdium Version6.0.0 Update-
FerdiumFerdium Version6.0.0 Updatebeta1
FerdiumFerdium Version6.0.0 Updatebeta2
FerdiumFerdium Version6.0.0 Updatebeta3
FerdiumFerdium Version6.0.0 Updatenightly1
FerdiumFerdium Version6.0.0 Updatenightly10
FerdiumFerdium Version6.0.0 Updatenightly11
FerdiumFerdium Version6.0.0 Updatenightly12
FerdiumFerdium Version6.0.0 Updatenightly13
FerdiumFerdium Version6.0.0 Updatenightly14
FerdiumFerdium Version6.0.0 Updatenightly15
FerdiumFerdium Version6.0.0 Updatenightly16
FerdiumFerdium Version6.0.0 Updatenightly17
FerdiumFerdium Version6.0.0 Updatenightly18
FerdiumFerdium Version6.0.0 Updatenightly19
FerdiumFerdium Version6.0.0 Updatenightly2
FerdiumFerdium Version6.0.0 Updatenightly20
FerdiumFerdium Version6.0.0 Updatenightly21
FerdiumFerdium Version6.0.0 Updatenightly22
FerdiumFerdium Version6.0.0 Updatenightly23
FerdiumFerdium Version6.0.0 Updatenightly24
FerdiumFerdium Version6.0.0 Updatenightly25
FerdiumFerdium Version6.0.0 Updatenightly26
FerdiumFerdium Version6.0.0 Updatenightly27
FerdiumFerdium Version6.0.0 Updatenightly28
FerdiumFerdium Version6.0.0 Updatenightly29
FerdiumFerdium Version6.0.0 Updatenightly3
FerdiumFerdium Version6.0.0 Updatenightly30
FerdiumFerdium Version6.0.0 Updatenightly31
FerdiumFerdium Version6.0.0 Updatenightly32
FerdiumFerdium Version6.0.0 Updatenightly33
FerdiumFerdium Version6.0.0 Updatenightly34
FerdiumFerdium Version6.0.0 Updatenightly35
FerdiumFerdium Version6.0.0 Updatenightly36
FerdiumFerdium Version6.0.0 Updatenightly37
FerdiumFerdium Version6.0.0 Updatenightly38
FerdiumFerdium Version6.0.0 Updatenightly39
FerdiumFerdium Version6.0.0 Updatenightly4
FerdiumFerdium Version6.0.0 Updatenightly40
FerdiumFerdium Version6.0.0 Updatenightly41
FerdiumFerdium Version6.0.0 Updatenightly42
FerdiumFerdium Version6.0.0 Updatenightly43
FerdiumFerdium Version6.0.0 Updatenightly44
FerdiumFerdium Version6.0.0 Updatenightly45
FerdiumFerdium Version6.0.0 Updatenightly46
FerdiumFerdium Version6.0.0 Updatenightly47
FerdiumFerdium Version6.0.0 Updatenightly48
FerdiumFerdium Version6.0.0 Updatenightly49
FerdiumFerdium Version6.0.0 Updatenightly5
FerdiumFerdium Version6.0.0 Updatenightly50
FerdiumFerdium Version6.0.0 Updatenightly51
FerdiumFerdium Version6.0.0 Updatenightly52
FerdiumFerdium Version6.0.0 Updatenightly53
FerdiumFerdium Version6.0.0 Updatenightly54
FerdiumFerdium Version6.0.0 Updatenightly55
FerdiumFerdium Version6.0.0 Updatenightly56
FerdiumFerdium Version6.0.0 Updatenightly57
FerdiumFerdium Version6.0.0 Updatenightly58
FerdiumFerdium Version6.0.0 Updatenightly59
FerdiumFerdium Version6.0.0 Updatenightly6
FerdiumFerdium Version6.0.0 Updatenightly60
FerdiumFerdium Version6.0.0 Updatenightly61
FerdiumFerdium Version6.0.0 Updatenightly62
FerdiumFerdium Version6.0.0 Updatenightly63
FerdiumFerdium Version6.0.0 Updatenightly65
FerdiumFerdium Version6.0.0 Updatenightly66
FerdiumFerdium Version6.0.0 Updatenightly67
FerdiumFerdium Version6.0.0 Updatenightly69
FerdiumFerdium Version6.0.0 Updatenightly7
FerdiumFerdium Version6.0.0 Updatenightly70
FerdiumFerdium Version6.0.0 Updatenightly71
FerdiumFerdium Version6.0.0 Updatenightly72
FerdiumFerdium Version6.0.0 Updatenightly73
FerdiumFerdium Version6.0.0 Updatenightly74
FerdiumFerdium Version6.0.0 Updatenightly76
FerdiumFerdium Version6.0.0 Updatenightly77
FerdiumFerdium Version6.0.0 Updatenightly78
FerdiumFerdium Version6.0.0 Updatenightly79
FerdiumFerdium Version6.0.0 Updatenightly8
FerdiumFerdium Version6.0.0 Updatenightly80
FerdiumFerdium Version6.0.0 Updatenightly81
FerdiumFerdium Version6.0.0 Updatenightly82
FerdiumFerdium Version6.0.0 Updatenightly83
FerdiumFerdium Version6.0.0 Updatenightly84
FerdiumFerdium Version6.0.0 Updatenightly85
FerdiumFerdium Version6.0.0 Updatenightly86
FerdiumFerdium Version6.0.0 Updatenightly87
FerdiumFerdium Version6.0.0 Updatenightly88
FerdiumFerdium Version6.0.0 Updatenightly89
FerdiumFerdium Version6.0.0 Updatenightly9
FerdiumFerdium Version6.0.0 Updatenightly90
FerdiumFerdium Version6.0.0 Updatenightly91
FerdiumFerdium Version6.0.0 Updatenightly92
FerdiumFerdium Version6.0.0 Updatenightly93
FerdiumFerdium Version6.0.0 Updatenightly94
FerdiumFerdium Version6.0.0 Updatenightly95
FerdiumFerdium Version6.0.0 Updatenightly96
FerdiumFerdium Version6.0.0 Updatenightly97
FerdiumFerdium Version6.0.0 Updatenightly98
GetferdiFerdi Version <= 5.8.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.42% 0.333
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

https://getferdi.com/
Product
https://gist.github.com/omriinbar-cyesec/c1179fe99725d2b828b6573c0d110c9c
Third Party Advisory
https://github.com/getferdi/ferdi
Third Party Advisory