Sakura: Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin <= 3.1.2 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.
CVSS Score
6.1
EPSS Score
0.005
Published
2023-07-21
Cross-site request forgery (CSRF) vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-21