CVE-2021-37366
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-37366
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-37366.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-37366
- Published
- 2021-08-10T17:15:10Z
- Modified
- 2025-01-14T09:25:53.207790Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
CTparental before 4.45.03 is vulnerable to cross-site request forgery (CSRF) in the CTparental admin panel. By combining CSRF with XSS, an attacker can trick the administrator into clicking a link that cancels the filtering for all standard users.
- References
Affected packages
Git / gitlab.com/marsat/CTparental
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.com/marsat/CTparental
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
4.*
4.25.05e
4.25.05m
4.30.08
4.30.08m
4.40.00
4.40.03
4.40.04
4.40.04m
4.40.05
4.40.05m
4.41.01
4.41.01m
4.41.02
4.41.02m
4.42.01
4.42.01m
4.43.01
4.43.01m
4.44.01m
4.44.02
4.44.02m
4.44.03
4.44.03m
4.44.05
4.44.05m
4.44.08
4.44.08m
4.44.09
4.44.09m
4.44.10
4.44.11-manjaro-test
4.44.12
4.44.12m
4.44.13
4.44.13m
4.44.14
4.44.15m
4.44.16m
4.44.17
4.44.17m
4.44.18
4.44.18m
4.45.02
4.45.02m
4.45.03