漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
In GoCD, versions 19.6.0 to 21.1.0 are vulnerable to Cross-Site Request Forgery due to missing CSRF protection at the `/go/api/config/backup` endpoint. An attacker can trick a victim to click on a malicious link which could change backup configurations or execute system commands in the post_backup_script field.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Aravind SV gocd 跨站请求伪造漏洞
Vulnerability Description
Aravind SV gocd是Aravind SV开源的一个应用程序。GoCD的主要存储库-连续交付服务器。 GoCD, versions 19.6.0 to 21.1.0 存在跨站请求伪造漏洞,该漏洞源于/go/api/config/backup端点缺少CSRF保护。
CVSS Information
N/A
Vulnerability Type
N/A