SourceCodester Simple Cold Storage Management System cross-site request forgery
CVE-2022-3582

4.3MEDIUM

Key Information:

Vendor: Sourcecodester
Status: Simple Cold Storage Management System
Vendor: CVE Published:; 18 October 2022

Summary

A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument change password leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-211189 was assigned to this vulnerability.

Affected Version(s)

Simple Cold Storage Management System 1.0

References

https://github.com/jusstSahil/CSRF-/blob/main/POC

https://vuldb.com/?id.211189

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 18, 2022
Vulnerability Reserved
Oct 18, 2022