Lucene search

[email protected]CVE-2008-4909

HistoryNov 04, 2008 - 1:00 a.m.

CVE-2008-4909

2008-11-0401:00:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-4909

cross-site request forgery

csrf

compactcms 1.1

unauthorized actions

remote attackers

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.3%

JSON

Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and earlier allows remote attackers to perform unauthorized actions as legitimate users via unspecified vectors.

Affected configurations

NVD

Node

compact_cmscompact_cmsRange≤1.1

CPENameOperatorVersion
compact_cms:compact_cmscompact cmsle1.1

CPE	Name	Operator	Version
compact_cms:compact_cms	compact cms	le	1.1

References

holisticinfosec.org/content/view/90/45/

secunia.com/advisories/32464

exchange.xforce.ibmcloud.com/vulnerabilities/46198

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.3%

JSON

Related for CVE-2008-4909

prion1 cvelist1 nvd1