What is GHSA-4gj8-55p5-fm24?

GHSA-4gj8-55p5-fm24 is a security advisory published by GitHub Security Advisories with Medium severity. Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers...

Which CVE IDs does GHSA-4gj8-55p5-fm24 cover?

GHSA-4gj8-55p5-fm24 covers the following CVE IDs: CVE-2018-25363. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-4gj8-55p5-fm24?

GHSA-4gj8-55p5-fm24 has a CVSS v3 base score of 4.3, published by GitHub Security Advisories.

GHSA-4gj8-55p5-fm24MediumCVSS 4.3

Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2018-25363 →

📋 Description

Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers to force victims to delete posts by crafting malicious HTML forms. Attackers can create hidden forms targeting tweetdel.php with tweet IDs and automatically submit them to delete arbitrary posts from authenticated user sessions.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2018-25363
https://github.com/Fyffe/PHP-Twitter-Clone
https://www.exploit-db.com/exploits/45232
https://www.vulncheck.com/advisories/twitter-clone-1-cross-site-request-forgery-via-tweetdel-php
https://github.com/advisories/GHSA-4gj8-55p5-fm24