CVE-2022-38329
Last modified
CVE-2022-38329 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. A CSRF vulnerability in Shopxian CMS 3.0.0 could allow an unauthenticated, remote attacker to craft a malicious link, potentially causing the administrator to perform unintended actions on an affected system. The vulnerability could allow attackers to modify or delete specific content through crafted requests, potentially leading to data loss and system integrity issues.. EPSS estimates a 0.40% chance of exploitation in the next 30 days.
Description
A CSRF vulnerability in Shopxian CMS 3.0.0 could allow an unauthenticated, remote attacker to craft a malicious link, potentially causing the administrator to perform unintended actions on an affected system. The vulnerability could allow attackers to modify or delete specific content through crafted requests, potentially leading to data loss and system integrity issues.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Shopxian | Shopxian Cms | 3.0.0 |
References
- https://github.com/zhangqiquan/shopxian_cms/issues/4Exploit, Issue Tracking, Third Party Advisory
- https://github.com/zhangqiquan/shopxian_cms/issues/4Exploit, Issue Tracking, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-38329?
How severe is CVE-2022-38329?
How do I fix CVE-2022-38329?
Are you affected by CVE-2022-38329?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST