Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-3920HistoryJul 03, 2014 - 2:55 p.m.
CVE-2014-3920
2014-07-0314:55:08
Debian Security Bug Tracker
security-tracker.debian.org
8
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.8%
Cross-site request forgery (CSRF) vulnerability in Kanboard before 1.0.6 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a save action to the default URI.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | kanboard | < 1.2.26+ds-2+deb12u2 | kanboard_1.2.26+ds-2+deb12u2_all.deb |
| Debian | 999 | all | kanboard | < 1.2.31+ds2-1 | kanboard_1.2.31+ds2-1_all.deb |
Related
zdt
zdt
Kanboard 1.0.5 Cross Site Request Forgery Vulnerability
2014-07-06 00:00:00
packetstorm
packetstorm
Kanboard 1.0.5 Cross Site Request Forgery
2014-07-02 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-07-03 14:55:00
htbridge
htbridge
Cross-Site Request Forgery (CSRF) in Kanboard
2014-05-28 00:00:00
openvas
openvas
Kanboard < 1.0.6 CSRF Vulnerability
2015-12-04 00:00:00
securityvulns
securityvulns
Cross-Site Request Forgery (CSRF) in Kanboard
2014-10-15 00:00:00
cvelist
cvelist
CVE-2014-3920
2014-07-03 14:00:00
nvd
nvd
CVE-2014-3920
2014-07-03 14:55:08
cve
cve
CVE-2014-3920
2014-07-03 14:55:08
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.8%
Related for DEBIANCVE:CVE-2014-3920