Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00161
Percentile: 0.37724

CVSS Scoring

Mapped CWE(s)

• CWE-352 : Cross-Site Request Forgery (CSRF)

All CAPEC(s)

CAPEC(s) with Mapped TTPs

Mapped ATT&CK TTPs

Affected Products

• cpe:2.3:a:itd-inc:bingo\!cms:*:-:commercial:*:*:*:*:*
• cpe:2.3:a:itd-inc:bingo\!cms:*:-:core:*:*:*:*:*

← Back to Home