Vulnerabilities > CVE-2021-46426 - Unspecified vulnerability in PHPipam 1.4.4

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

NVD

Published: 2022-03-25

Updated: 2022-08-19

Summary

phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality.

Vulnerable Configurations

Part	Description	Count
Application	Phpipam Phpipam Phpipam 1.4.4	1

References

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.