Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
1Panel CSRF Panel Name Modification
Vulnerability Description
1Panel versions 1.10.33 through 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the panel name management functionality. The affected endpoint does not implement CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a panel-name change request; if a victim visits the page while authenticated, the browser includes valid session cookies and the request succeeds. This allows a remote attacker to change the victim’s panel name to an arbitrary value without consent.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
1Panel 跨站请求伪造漏洞
Vulnerability Description
1Panel是中国1Panel社区的一个开源的Linux服务器运维管理面板。 1Panel 110.33版本至2.0.15版本存在跨站请求伪造漏洞,该漏洞源于面板名称管理功能未实施CSRF防护,可能导致面板名称被任意更改。
CVSS Information
N/A
Vulnerability Type
N/A