|
|||
Rule General Information |
---|
Release Date: | 2021-04-16 | |
Rule Name: | TemaTres 3.0 Cross-Site Request Forgery Vulnerability (CVE-2019-14345) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | TemaTres 3.0 allows remote unprivileged users to create an administrator account | |
Impact: | An attacker can launch a cross-site request forgery in the context of the affected software. Arbitrary script transmitted from a user that the software trusts can be executed in a successful exploit attempt. | |
Affected OS: | Windows, Linux, Others | |
Reference: | https://github.com/tematres/TemaTres-Vocabulary-Server/commits/master https://medium.com/@Pablo0xSantiago/cve-2019-14345-ff6f6d9fd30f https://sourceforge.net/p/tematres/mailman/tematres-help/ https://www.hackpuntes.com |
|
Solutions |
---|
The vendor has released upgrade patches to fix vulnerabilities, please visit: https://www.vocabularyserver.com/ |