CVE-2022-32320

A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
VendorProductVersion
ferdiumferdium
6.0.0
ferdiumferdium
6.0.0:beta1
ferdiumferdium
6.0.0:beta2
ferdiumferdium
6.0.0:beta3
ferdiumferdium
6.0.0:nightly1
ferdiumferdium
6.0.0:nightly10
ferdiumferdium
6.0.0:nightly11
ferdiumferdium
6.0.0:nightly12
ferdiumferdium
6.0.0:nightly13
ferdiumferdium
6.0.0:nightly14
ferdiumferdium
6.0.0:nightly15
ferdiumferdium
6.0.0:nightly16
ferdiumferdium
6.0.0:nightly17
ferdiumferdium
6.0.0:nightly18
ferdiumferdium
6.0.0:nightly19
ferdiumferdium
6.0.0:nightly2
ferdiumferdium
6.0.0:nightly20
ferdiumferdium
6.0.0:nightly21
ferdiumferdium
6.0.0:nightly22
ferdiumferdium
6.0.0:nightly23
ferdiumferdium
6.0.0:nightly24
ferdiumferdium
6.0.0:nightly25
ferdiumferdium
6.0.0:nightly26
ferdiumferdium
6.0.0:nightly27
ferdiumferdium
6.0.0:nightly28
ferdiumferdium
6.0.0:nightly29
ferdiumferdium
6.0.0:nightly3
ferdiumferdium
6.0.0:nightly30
ferdiumferdium
6.0.0:nightly31
ferdiumferdium
6.0.0:nightly32
ferdiumferdium
6.0.0:nightly33
ferdiumferdium
6.0.0:nightly34
ferdiumferdium
6.0.0:nightly35
ferdiumferdium
6.0.0:nightly36
ferdiumferdium
6.0.0:nightly37
ferdiumferdium
6.0.0:nightly38
ferdiumferdium
6.0.0:nightly39
ferdiumferdium
6.0.0:nightly4
ferdiumferdium
6.0.0:nightly40
ferdiumferdium
6.0.0:nightly41
ferdiumferdium
6.0.0:nightly42
ferdiumferdium
6.0.0:nightly43
ferdiumferdium
6.0.0:nightly44
ferdiumferdium
6.0.0:nightly45
ferdiumferdium
6.0.0:nightly46
ferdiumferdium
6.0.0:nightly47
ferdiumferdium
6.0.0:nightly48
ferdiumferdium
6.0.0:nightly49
ferdiumferdium
6.0.0:nightly5
ferdiumferdium
6.0.0:nightly50
ferdiumferdium
6.0.0:nightly51
ferdiumferdium
6.0.0:nightly52
ferdiumferdium
6.0.0:nightly53
ferdiumferdium
6.0.0:nightly54
ferdiumferdium
6.0.0:nightly55
ferdiumferdium
6.0.0:nightly56
ferdiumferdium
6.0.0:nightly57
ferdiumferdium
6.0.0:nightly58
ferdiumferdium
6.0.0:nightly59
ferdiumferdium
6.0.0:nightly6
ferdiumferdium
6.0.0:nightly60
ferdiumferdium
6.0.0:nightly61
ferdiumferdium
6.0.0:nightly62
ferdiumferdium
6.0.0:nightly63
ferdiumferdium
6.0.0:nightly65
ferdiumferdium
6.0.0:nightly66
ferdiumferdium
6.0.0:nightly67
ferdiumferdium
6.0.0:nightly69
ferdiumferdium
6.0.0:nightly7
ferdiumferdium
6.0.0:nightly70
ferdiumferdium
6.0.0:nightly71
ferdiumferdium
6.0.0:nightly72
ferdiumferdium
6.0.0:nightly73
ferdiumferdium
6.0.0:nightly74
ferdiumferdium
6.0.0:nightly76
ferdiumferdium
6.0.0:nightly77
ferdiumferdium
6.0.0:nightly78
ferdiumferdium
6.0.0:nightly79
ferdiumferdium
6.0.0:nightly8
ferdiumferdium
6.0.0:nightly80
ferdiumferdium
6.0.0:nightly81
ferdiumferdium
6.0.0:nightly82
ferdiumferdium
6.0.0:nightly83
ferdiumferdium
6.0.0:nightly84
ferdiumferdium
6.0.0:nightly85
ferdiumferdium
6.0.0:nightly86
ferdiumferdium
6.0.0:nightly87
ferdiumferdium
6.0.0:nightly88
ferdiumferdium
6.0.0:nightly89
ferdiumferdium
6.0.0:nightly9
ferdiumferdium
6.0.0:nightly90
ferdiumferdium
6.0.0:nightly91
ferdiumferdium
6.0.0:nightly92
ferdiumferdium
6.0.0:nightly93
ferdiumferdium
6.0.0:nightly94
ferdiumferdium
6.0.0:nightly95
ferdiumferdium
6.0.0:nightly96
ferdiumferdium
6.0.0:nightly97
ferdiumferdium
6.0.0:nightly98
getferdiferdi
𝑥
≤ 5.8.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://getferdi.com/
https://gist.github.com/omriinbar-cyesec/c1179fe99725d2b828b6573c0d110c9c
https://github.com/getferdi/ferdi
https://getferdi.com/
https://gist.github.com/omriinbar-cyesec/c1179fe99725d2b828b6573c0d110c9c
https://github.com/getferdi/ferdi