CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
CVEs-PoC/2021/CVE-2021-20786.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

18 lines
1.1 KiB
Markdown
Raw Permalink Blame History

### [CVE-2021-20786](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20786)
![](https://img.shields.io/static/v1?label=Product&message=GroupSession&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=GroupSession%20Free%20edition%20from%20ver2.2.0%20to%20the%20version%20prior%20to%20ver5.1.0%2C%20GroupSession%20byCloud%20from%20ver3.0.3%20to%20the%20version%20prior%20to%20ver5.1.0%2C%20and%20GroupSession%20ZION%20from%20ver3.0.3%20to%20the%20version%20prior%20to%20ver5.1.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20request%20forgery&color=brightgreen)
### Description
Cross-site request forgery (CSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote attacker to hijack the authentication of administrators via a specially crafted URL.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/n0-traces/cve_monitor
Reference in New Issue View Git Blame Copy Permalink