A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-230458 is the identifier…
| Vendor | Product | Versions |
|---|---|---|
| Guangdong | Pythagorean OA Office System | 4.50.0, 4.50.1, 4.50.2, 4.50.3, 4.50.4, 4.50.5, 4.50.6, 4.50.7, 4.50.8, 4.50.9, 4.50.10, 4.50.11, 4.50.12, 4.50.13, 4.50.14, 4.50.15, 4.50.16, 4.50.17, 4.50.18, 4.50.19, 4.50.20, 4.50.21, 4.50.22, 4.50.23, 4.50.24, 4.50.25, 4.50.26, 4.50.27, 4.50.28, 4.50.29, 4.50.30, 4.50.31 |
Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.
For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.
Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice:
No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.