CVE-2022-34937
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-34937
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-34937.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-34937
- Published
- 2022-08-03T01:15:07Z
- Modified
- 2025-01-08T09:02:15.579580Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component savepage.php. This vulnerability allows attackers to execute arbitrary code.
- References
Affected packages
Git / github.com/u5cms/u5cms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/u5cms/u5cms
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
v10.*
v10.0.0
v10.0.0-b1
v10.0.0-b2
v10.0.0-b3
v10.0.0-b4
v10.1.0
v10.1.1
v10.1.2
v10.1.3
v10.2.0
v10.3.0
v10.3.1
v10.3.2
v10.3.3
v11.*
v11.0.0
v11.0.1
v12.*
v12.0.0
v12.1.0
v12.2.1
v12.2.2
v12.4.0
v12.4.2
v12.4.3
v12.4.4
v12.4.5
v12.4.6
v12.4.9
v12.5.10
v12.5.2
v12.5.3
v12.5.4
v12.5.5
v12.5.6
v12.5.7
v12.5.8
v12.6.1
v12.6.10
v12.6.11
v12.6.2
v12.6.3
v12.6.4
v12.6.5
v12.6.6
v12.6.7
v12.6.8
v12.6.9
v8.*
v8.3.5
v8.4.0
v8.5.0
v8.5.1
v8.6.0
v8.6.1
v8.6.2
v8.6.3
v8.6.4
v8.7.0
v8.8.0