CVE-2022-4014 - OpenCVE

A vulnerability, which was classified as problematic, has been found in FeehiCMS. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The identifier of this vulnerability is VDB-213788.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Feehi	Feehicms

Configuration 1 [-]

cpe:2.3:a:feehi:feehicms:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://vuldb.com/?id.213788

History

No history.

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2022-11-16T00:00:00

Updated: 2024-08-03T01:27:54.169Z

Reserved: 2022-11-16T00:00:00

Link: CVE-2022-4014

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-11-16T08:15:28.527

Modified: 2023-12-28T19:22:14.050

Link: CVE-2022-4014

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:feehi:feehicms:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6C50AD4-1984-46FB-A61C-1283A184AE0D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability, which was classified as problematic, has been found in FeehiCMS. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The identifier of this vulnerability is VDB-213788."}, {"lang": "es", "value": "Una vulnerabilidad fue encontrada en FeehiCMS y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del componente Post My Comment Tab es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a la falsificaci\u00f3n de solicitudes entre sitios. El ataque puede lanzarse de forma remota. El identificador de esta vulnerabilidad es VDB-213788."}], "id": "CVE-2022-4014", "lastModified": "2023-12-28T19:22:14.050", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2022-11-16T08:15:28.527", "references": [{"source": "cna@vuldb.com", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://vuldb.com/?id.213788"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "cna@vuldb.com", "type": "Secondary"}]}