CVE-2022-4564

CVSS V2 None CVSS V3 None
Description
A vulnerability classified as problematic has been found in University of Central Florida Materia up to 9.0.0. This affects the function before of the file fuel/app/classes/controller/api.php of the component API Controller. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 9.0.1-alpha1 is able to address this issue. The name of the patch is af259115d2e8f17068e61902151ee8a9dbac397b. It is recommended to upgrade the affected component. The identifier VDB-215973 was assigned to this vulnerability.
Overview
  • CVE ID
  • CVE-2022-4564
  • Assigner
  • cna@vuldb.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-16T17:15:09
  • Last Modified Date
  • 2023-03-01T02:45:53
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:ucf:materia:*:*:*:*:*:*:*:* 1 OR 9.0.0
History
Created Old Value New Value Data Type Notes
2022-12-18 09:31:30 Added to TrackCVE
2022-12-19 21:15:00 2022-12-16T17:15:09.253 2022-12-16T17:15:09 CVE Published Date updated
2022-12-19 21:15:00 2022-12-16T18:00:32 CVE Modified Date updated
2022-12-19 21:15:00 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-21 19:14:25 2022-12-21T18:49:33 CVE Modified Date updated
2022-12-21 19:14:25 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-21 19:14:26 CPE Information updated
2022-12-24 22:15:41 2022-12-24T22:15:10 CVE Modified Date updated
2022-12-24 22:15:41 Analyzed Modified Vulnerability Status updated
2022-12-24 22:15:44 A vulnerability classified as problematic has been found in University of Central Florida Materia up to 9.0.1-alpha1. This affects the function before of the file fuel/app/classes/controller/api.php of the component API Controller. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 9.0.2-alpha2 is able to address this issue. The name of the patch is af259115d2e8f17068e61902151ee8a9dbac397b. It is recommended to upgrade the affected component. The identifier VDB-215973 was assigned to this vulnerability. A vulnerability classified as problematic has been found in University of Central Florida Materia up to 9.0.0. This affects the function before of the file fuel/app/classes/controller/api.php of the component API Controller. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 9.0.1-alpha1 is able to address this issue. The name of the patch is af259115d2e8f17068e61902151ee8a9dbac397b. It is recommended to upgrade the affected component. The identifier VDB-215973 was assigned to this vulnerability. Description updated
2022-12-24 22:15:46 CVSS V3 information new
2022-12-28 15:14:48 Modified Undergoing Analysis Vulnerability Status updated
2022-12-28 15:14:51 CVSS V3 information new
2023-03-01 03:16:55 2023-03-01T02:45:53 CVE Modified Date updated
2023-03-01 03:16:55 Undergoing Analysis Analyzed Vulnerability Status updated
2023-03-01 03:16:56 CVSS V3 information new