CVE-2022-0088
LOW3.5EPSS 0.60%Cross-Site Request Forgery in YOURLS
發布日:2022/4/4修改日:2026/2/18
描述
YOURLS versions 1.8.2 and prior are vulnerable to Cross-Site Request Forgery.
受影響套件(1)
- Packagist/yourls/yourlsfrom 0, <= 1.8.2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | LOW3.5 | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N |
參考連結(7)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-0088
- PATCHhttps://github.com/yourls/yourls
- WEBhttps://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2022-0088.md
- WEBhttps://github.com/yourls/yourls/commit/1de256d8694b0ec7d4df2ac1d5976d4055e09d59
- WEBhttps://github.com/YOURLS/YOURLS/issues/3170
- WEBhttps://github.com/YOURLS/YOURLS/pull/3264
- WEBhttps://huntr.dev/bounties/d01f0726-1a0f-4575-ae17-4b5319b11c29