Lucene search
HistoryNov 18, 2013 - 2:55 a.m.
CVE-2013-4555
cve-2013-4555
csrf
ecrire
action
logout.php
spip
2.1.24
vulnerability
nvd
7.2 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.5%
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
Related
debiancve
debiancve
CVE-2013-4555
2013-11-18 02:55:00
prion
prion
Cross site request forgery (csrf)
2013-11-18 02:55:00
ubuntucve
ubuntucve
CVE-2013-4555
2013-11-18 00:00:00
cvelist
cvelist
CVE-2013-4555
2013-11-15 18:16:00
nessus
nessus
Debian DSA-2794-1 : spip - several vulnerabilities
2013-11-21 00:00:00
openvas
openvas
SPIP 'connect' Parameter PHP Code Injection Vulnerability
2013-08-29 00:00:00
Debian Security Advisory DSA 2794-1 (spip - several vulnerabilities)
2013-11-10 00:00:00
Debian: Security Advisory (DSA-2794-1)
2013-11-09 00:00:00
7.2 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.5%
Related for CVE-2013-4555