CVE-2016-4808
MEDIUM4.5EPSS 0.23%Web2py Cross-Site Request Forgery vulnerability
Published: 5/17/2022Modified: 2/20/2024
Description
Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Request Forgery) vulnerability, which allows an attacker to trick a logged-in administrator into performing unwanted actions i.e An attacker can trick a victim into disable the installed application just by visiting a URL.
Affected packages (1)
- PyPI/web2pyfrom 0, < 2.14.6
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM4.5 | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H |