CVE-2021-27557 - OpenCVE

A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job.

No CVSS v3.0

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors	Products
Easycorp	Zentao

Configuration 1 [-]

cpe:2.3:a:easycorp:zentao:12.5.3:*:*:*:*:*:*:*

References

Link	Resource
https://privasec.com/blog/zentao-cms-a-monkeys-journey-to-priv-esc-remote-code-execution/	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-08-31T02:41:15

Updated: 2021-08-31T02:41:15

Reserved: 2021-02-22T00:00:00

Link: CVE-2021-27557

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-08-31T03:15:06.363

Modified: 2021-09-08T15:04:51.287

Link: CVE-2021-27557

JSON object: View

Redhat Information

No data.

CWE