Lucene search

[email protected]CVE-2011-5315

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-5315

2022-10-0316:15:12

CWE-352

[email protected]

web.nvd.nist.gov

csrf

vulnerability

whcms 0.115 alpha

nvd

security

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.9%

JSON

Cross-site request forgery (CSRF) vulnerability in admin/index.php in whCMS 0.115 alpha allows remote attackers to hijack the authentication of administrators for requests that modify credentials via a user save action.

Affected configurations

NVD

Node

whcms_projectwhcmsMatch0.115alpha

CPENameOperatorVersion
whcms_project:whcmswhcms project whcmseq0.115

CPE	Name	Operator	Version
whcms_project:whcms	whcms project whcms	eq	0.115

References

www.htbridge.com/advisory/HTB22767

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.9%

JSON

Related for CVE-2011-5315

prion1 nvd1 cvelist1