CVE-2022-3267 MEDIUM

CVE-2022-3267: Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb

Vendor Ikus060
Product ikus060/rdiffweb
Weakness CWE-352 · CSRF
Published September 22, 2022
Last update May 23, 2025
View on NVD All CVEs

CVSS base score

6.8/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.

Key dates

02Disclosure timeline

September 22, 2022 CVE published
May 23, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2020-36504 WP-Pro-Quiz <= 0.37 - Arbitrary Quiz Deletion via CSRF CVE-2023-25967 WordPress Community by PeepSo Plugin <= 6.0.2.0 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2025-23569 WordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerability CVE-2025-14976 User Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post Deletion CVE-2024-31105 WordPress Tax Rate Upload plugin <= 2.4.5 - CSRF leading to Cross Site Scripting (XSS) vulnerability