CVE-2022-28892

Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.
Configurations

Configuration 1

cpe:2.3:a:mahara:mahara:22.04.0:rc1:*:*:*:*:*:*
cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*
cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*
cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*

Information

Published : 2022-04-28 04:15

Updated : 2023-01-30 07:19


NVD link : CVE-2022-28892

Mitre link : CVE-2022-28892

Products Affected
No products.
CWE