What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in tobias_.MerZ Browser Caching with .htaccess allows Cross Site Request Forgery. This issue affects Browser Caching with .htaccess: from 1.2.1 through n/a.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
What the vulnerability does
Cross-Site Request Forgery (CSRF) vulnerability in tobias_.MerZ Browser Caching with .htaccess allows Cross Site Request Forgery. This issue affects Browser Caching with .htaccess: from 1.2.1 through n/a.
Explanation of Vulnerability in Simple Terms
A cross-site request forgery vulnerability in Browser Caching with .htaccess allows an attacker to perform unwanted actions on behalf of a user who visits a malicious page. The attacker cannot read sensitive data, but can modify site content or cause temporary unavailability. A victim must click a link or visit a page controlled by the attacker to trigger the vulnerability.
What an attacker can do
Perform unwanted actions (modify content or cause downtime) on behalf of a logged-in user.
Potential impact on your site
Users' actions can be hijacked to modify site settings, content, or cause service disruption without their knowledge.
Conditions required to exploit
Victim must visit a page or click a link controlled by the attacker while logged in.
Key dates
External resources
Related vulnerabilities