Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile. without the victim's knowledge, by enticing an authenticated admin user to visit an attacker's web page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
webTareas 跨站请求伪造漏洞
Vulnerability Description
webTareas是一款基于Web的开源协作工具。该产品支持项目管理、错误跟踪、内容管理和会议管理等功能。 webTareas 存在跨站请求伪造漏洞,该漏洞源于webTareas 2.4版本及更早版本中存在跨站请求伪造(CSRF)漏洞。攻击者可利用该漏洞创建一个新的管理配置文件,并向新配置文件添加一个新用户,在受害者不知情的情况下,通过引诱经过身份验证的管理用户访问被设计的网页。
CVSS Information
N/A
Vulnerability Type
N/A