CVE-2021-3963

Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2

CVSS 4.3 MEDIUMEPSS 0.4%CWE-352

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF)

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

kevinpapst · kevinpapst/kimai2

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/kevinpapst/kimai2/commit/95796ab2560ad93f44068a88f0fad758c2053514 https://huntr.dev/bounties/3abf308b-7dbd-4864-b1a9-5c45b876def8