CVE-2021-3993

Description

showdoc is vulnerable to Cross-Site Request Forgery (CSRF).

How to fix CVE-2021-3993

To remediate CVE-2021-3993, upgrade the affected package to a fixed version below.

• Packagist/showdoc/showdoc—upgrade to 2.9.13 or later

Is CVE-2021-3993 being exploited?

Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 2.9.13

CVSS scores

References (4)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2021-3993
• PATCHgithub.com/star7th/showdoc
• WEBgithub.com/star7th/showdoc/commit/654e871a3923e79076818a9a03533fe88222c871
• WEBhuntr.dev/bounties/0aa84736-139b-4ae7-becf-604f7f60b1c9