CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-43340

A Cross-Site Request Forgery (CSRF) in dzzoffice 2.02.1_SC_UTF8 allows attackers to arbitrarily create user accounts and grant Administrator rights to regular users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.1%

CVSS Severity

CVSS v3 Score 8.8

References

http://dzzoffice.com
https://github.com/zyx0814/dzzoffice
https://github.com/zyx0814/dzzoffice/issues/223
http://dzzoffice.com
https://github.com/zyx0814/dzzoffice
https://github.com/zyx0814/dzzoffice/issues/223

Products affected by CVE-2022-43340

Dzzoffice » Dzzoffice » Version: 2.02.1

cpe:2.3:a:dzzoffice:dzzoffice:2.02.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-43340

Products

Pricing

Contact Us