CVE-2023-48751

MEDIUM

4.3CVSS v3

—CVSS v2

0.06% EPSS (exploit probability)

CWE-352CWE

Description

Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery.This issue affects Participants Database: from n/a through 2.5.5.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Affected routers (1)

Vendor	Model	Matched via	Affected versions	Fixed in	Patch?
Ubiquiti	Ubiquiti EdgeRouter X	`—`	—	—	No

External references

NIST NVD
MITRE CVE