Lucene search
HistoryFeb 05, 2008 - 12:00 a.m.
CVE-2008-0182
cve-2008-0182
cross-site request forgery
csrf vulnerability
liferay portal
authenticated users
shutdown message
nvd
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
40.2%
Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message.
| CPE | Name | Operator | Version |
|---|---|---|---|
| liferay:liferay_enterprise_portal | liferay liferay enterprise portal | le | 4.3.6 |
Related
cert
cert
Liferay Portal fails to protect against CSRF
2008-01-31 00:00:00
prion
prion
Cross site request forgery (csrf)
2008-02-05 00:00:00
cvelist
cvelist
CVE-2008-0182
2022-10-03 16:14:09
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
40.2%
Related for CVE-2008-0182