Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. This is possible because the application is vulnerable to CSRF.
References
Link | Resource |
---|---|
https://fluidattacks.com/advisories/mosey/ | Exploit Third Party Advisory |
https://github.com/prasathmani/tinyfilemanager/ | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2022-11-25T00:00:00
Updated: 2022-12-05T11:42:19.302Z
Reserved: 2022-01-10T00:00:00
Link: CVE-2022-23044
JSON object: View
NVD Information
Status : Modified
Published: 2022-11-25T17:15:10.637
Modified: 2023-11-07T03:44:01.903
Link: CVE-2022-23044
JSON object: View
Redhat Information
No data.
CWE