Lucene search
MitreCVELIST:CVE-2021-44122HistoryJan 26, 2022 - 11:47 a.m.
CVE-2021-44122
2022-01-2611:47:55
mitre
www.cve.org
2
SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) vulnerability in ecrire/public/aiguiller.php, ecrire/public/balises.php, ecrire/balise/formulaire_.php. To exploit the vulnerability, a visitor must visit a malicious website which redirects to the SPIP website. It is also possible to combine XSS vulnerabilities in SPIP 4.0.0 to exploit it. The vulnerability allows an authenticated attacker to execute malicious code without the knowledge of the user on the website (CSRF).
Related
osv
osv
CVE-2021-44122
2022-01-26 12:15:07
spip - security update
2021-12-22 00:00:00
spip - security update
2021-12-29 00:00:00
cnvd
cnvd
SPIP Cross-site Request Forgery Vulnerability (CNVD-2022-08190)
2022-01-28 00:00:00
cve
cve
CVE-2021-44122
2022-01-26 12:15:07
veracode
veracode
Cross-site Request Forgery (CSRF)
2022-02-07 22:32:45
nvd
nvd
CVE-2021-44122
2022-01-26 12:15:07
ubuntucve
ubuntucve
CVE-2021-44122
2022-01-26 00:00:00
debiancve
debiancve
CVE-2021-44122
2022-01-26 12:15:07
prion
prion
Cross site request forgery (csrf)
2022-01-26 12:15:00
openvas
openvas
Debian: Security Advisory (DLA-2867-1)
2021-12-30 00:00:00
Debian: Security Advisory (DSA-5028-1)
2021-12-23 00:00:00
SPIP < 3.2.12, 4.x < 4.0.1 Multiple Vulnerabilities
2022-01-27 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : SPIP vulnerabilities (USN-5482-2)
2023-03-02 00:00:00
Ubuntu 18.04 LTS : SPIP vulnerabilities (USN-5482-1)
2022-06-17 00:00:00
ubuntu
ubuntu
SPIP vulnerabilities
2023-03-02 00:00:00
SPIP vulnerabilities
2022-06-16 00:00:00