Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2022-4397
Modified
More InfoOfficial Page
Source-cna@vuldb.com
View Known Exploited Vulnerability (KEV) details
Published At-10 Dec, 2022 | 19:15
Updated At-07 Nov, 2023 | 03:57

A vulnerability was found in morontt zend-blog-number-2. It has been classified as problematic. Affected is an unknown function of the file application/forms/Comment.php of the component Comment Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is 36b2d4abe20a6245e4f8df7a4b14e130b24d429d. It is recommended to apply a patch to fix this issue. VDB-215250 is the identifier assigned to this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Secondary3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CPE Matches
zend-blog-2_project
zend-blog-2_project
>>zend-blog-2>>-
cpe:2.3:a:zend-blog-2_project:zend-blog-2:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-352Primarynvd@nist.gov
CWE-863Secondarycna@vuldb.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/morontt/zend-blog-number-2/commit/36b2d4abe20a6245e4f8df7a4b14e130b24d429dcna@vuldb.com
Patch
Third Party Advisory
https://vuldb.com/?id.215250cna@vuldb.com
Permissions Required
Third Party Advisory
VDB Entry
Change History
0Changes found
Details not found