Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insufficient Validation in Catalog (Activation/Deactivation) in Ampache
Vulnerability Description
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating catalog. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change website features that should only be managed by administrators through malicious requests. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Ampache 跨站请求伪造漏洞
Vulnerability Description
Ampache是Ampache开源的一款基于Web的音频/视频应用程序和文件管理器。 Ampache 7.0.1版本存在跨站请求伪造漏洞,该漏洞源于当前令牌解析的实现在激活或停用目录时无法正确验证 CSRF 令牌。
CVSS Information
N/A
Vulnerability Type
N/A