|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-04-16 | |
| Rule Name: | TemaTres 3.0 Cross-Site Request Forgery Vulnerability (CVE-2019-14345) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | TemaTres 3.0 allows remote unprivileged users to create an administrator account | |
| Impact: | An attacker can launch a cross-site request forgery in the context of the affected software. Arbitrary script transmitted from a user that the software trusts can be executed in a successful exploit attempt. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | https://github.com/tematres/TemaTres-Vocabulary-Server/commits/master https://medium.com/@Pablo0xSantiago/cve-2019-14345-ff6f6d9fd30f https://sourceforge.net/p/tematres/mailman/tematres-help/ https://www.hackpuntes.com |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: https://www.vocabularyserver.com/ |