VDB
CVE-2024-47879
CVE-2024-47879
PUBLISHED
CVSS 7.599999904632568 HIGH
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
EPSS 0.14% · 33.1th percentile
Risk Scores
CVSS 3.1
7.599999904632568
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
EPSS Score
0.14%
33.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| openrefine | openrefine | 0 |
| openrefine | openrefine | 0 |
| OpenRefine | OpenRefine | < 3.8.3 |
| Maven | org.openrefine:main | 0 |
Exploit Intelligence
Timeline
- Jan 21, 1970 Security Advisory
- Oct 24, 2024 CVE Published
- Oct 24, 2024 Coalition ESS Score
- Oct 25, 2024 EPSS Score
- Oct 25, 2024 Coalition ESS Score
- Oct 28, 2024 Coalition ESS Score
- Oct 30, 2024 Coalition ESS Score
- Nov 12, 2024 EPSS Score
- Dec 2, 2024 EPSS Score
- Dec 4, 2024 CVE Updated
- Dec 20, 2024 EPSS Score
- Jan 7, 2025 EPSS Score