GHSA-22cq-xxr9-jrrv

Source

https://github.com/advisories/GHSA-22cq-xxr9-jrrv

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-22cq-xxr9-jrrv/GHSA-22cq-xxr9-jrrv.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-22cq-xxr9-jrrv

Aliases

CVE-2018-18420

Published

2022-05-14T01:53:42Z

Modified

2024-02-16T08:16:44.247909Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Zenario CMS vulnerable to CSRF

Details

Cross-Site Request Forgery (CSRF) vulnerability was discovered in the 8.3 version of Zenario Content Management System via the admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent URI.

Database specific

{
    "github_reviewed_at": "2023-07-07T00:25:21Z",
    "github_reviewed": true,
    "severity": "HIGH",
    "nvd_published_at": "2018-10-19T22:29:00Z",
    "cwe_ids": [
        "CWE-352"
    ]
}

References

Affected packages

Packagist / tribalsystems/zenario

Package

Name: tribalsystems/zenario
Purl: pkg:composer/tribalsystems/zenario

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

7.*

7.5.40440

7.5.41006

7.5.41499

7.5.41633

7.5.42085

7.5.42990

7.5.47180

7.6.41504

7.6.41633

7.6.42085

7.6.42990

7.6.47180

7.7.42682

7.7.42963

7.7.42990

7.7.44223

7.7.47180

7.7.47369

7.7.48583

8.*

8.0.44237

8.0.44273

8.0.44294

8.0.44521

8.0.45032

8.0.45250

8.0.45529

8.0.47180

8.0.48583

8.1.45530

8.1.45698

8.1.46089

8.1.46433

8.1.46615

8.1.47180

8.1.47369

8.1.48583

8.2.46436

8.2.46614

8.2.47180

8.2.47369

8.2.47992

8.2.48583

8.3.47997

8.3.48583

8.3.50564

8.4.50565

8.4.51340

8.5.50567

8.5.50837

8.5.51340

8.6.51342

8.7

8.8

8.8.53370

8.8.53725

8.8.54063

8.9.54063

8.9.54149

8.9.54153

8.9.55141

9.*

9.0.54156

9.0.55141

9.0.57473

9.1.55143

9.1.55510

9.1.55619

9.1.57473

9.2

9.2.55826

9.2.57169

9.2.57473

9.3.57186

9.3.57474

9.3.57595

9.3.57709

9.3.57754

9.3.58670

9.4.58686

9.4.59197

9.4.59574

9.4.60437

9.5.59574

9.5.59647

9.5.60240

9.5.60437

Other

42085

Database specific

last_known_affected_version_range

"< 8.3"

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-22cq-xxr9-jrrv/GHSA-22cq-xxr9-jrrv.json"