Lucene search
HistoryFeb 04, 2009 - 3:30 p.m.
CVE-2008-6048
cve-2008-6048
csrf
tangocms
hijack
authentication
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.8%
Multiple cross-site request forgery (CSRF) vulnerabilities in TangoCMS before 2.2.0 allow remote attackers to hijack the authentication of administrators.
Affected configurations
Node
tangocmstangocmsRange≤2.1.2
ORtangocmstangocmsMatch1.0.6
ORtangocmstangocmsMatch1.0.8
ORtangocmstangocmsMatch1.0.8.1
ORtangocmstangocmsMatch2.0.0
ORtangocmstangocmsMatch2.0.1
ORtangocmstangocmsMatch2.0.2
ORtangocmstangocmsMatch2.0.3
ORtangocmstangocmsMatch2.0.4
ORtangocmstangocmsMatch2.0.5
ORtangocmstangocmsMatch2.0.6
ORtangocmstangocmsMatch2.1.0
ORtangocmstangocmsMatch2.1.1
Related
prion
prion
Cross site request forgery (csrf)
2009-02-04 15:30:00
cvelist
cvelist
CVE-2008-6048
2009-02-04 15:10:00
nvd
nvd
CVE-2008-6048
2009-02-04 15:30:01
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.8%
Related for CVE-2008-6048