Mingyuefusu Tushuguanlixitong Cross-Site Request Forgery Vulnerability

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in the Mingyuefusu Tushuguanlixitong library management system, affecting versions prior to d4836f6b49cd0ac79a4021b15ce99ff7229d4694. This vulnerability allows attackers to manipulate requests in a way that could interfere with the application's processing, particularly targeting the login status of administrators. If an administrator clicks on a crafted link, they could be automatically added as a user, potentially leading to unauthorized access or actions within the system.

Impact

Exploitation of this vulnerability could result in unauthorized actions being performed on behalf of an administrator, potentially leading to unauthorized access or changes within the application.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mingyuefusu Tushuguanlixitong Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating