CVE-2009-4092

2009-11-2720:45:00

mitre

www.cve.org

7.2 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

Cross-site request forgery (CSRF) vulnerability in user.php in Simplog 0.9.3.2, and possibly earlier, allows remote attackers to hijack the authentication of administrators and users for requests that change passwords.

References

secunia.com/advisories/21390

www.exploit-db.com/exploits/10180

www.securityfocus.com/bid/37063

exchange.xforce.ibmcloud.com/vulnerabilities/54354