Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
atjiu pybbs CookieUtil.java setCookie cross-site request forgery
Vulnerability Description
A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function setCookie of the file src/main/java/co/yiiu/pybbs/util/CookieUtil.java. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named 8aa2bb1aef3346e49aec6358edf5e47ce905ae7b. It is recommended to apply a patch to fix this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
pybbs 安全漏洞
Vulnerability Description
pybbs是iuiu个人开发者的一个Java开发的社区平台。 pybbs 6.0.0及之前版本存在安全漏洞,该漏洞源于文件src/main/java/co/yiiu/pybbs/util/CookieUtil.java中函数setCookie导致跨站请求伪造,可能导致远程攻击。
CVSS Information
N/A
Vulnerability Type
N/A