Lucene search
Japan Vulnerability NotesJVN:44913777HistoryApr 05, 2012 - 12:00 a.m.
JVN#44913777: SENCHA SNS vulnerable to cross-site request forgery
2012-04-0500:00:00
Japan Vulnerability Notes
jvn.jp
15
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
52.7%
SENCHA SNS is an open source SNS software. SENCHA SNS contains a cross-site request forgery vulnerability.
Impact
If a user views a malicious page while logged in, arbitrary operations may be conducted on the vulnerable system.
Solution
Update the Software
Update to the latest version provided by the developer.
Products Affected
- SENCHA SNS 1.0.1 and earlier
Related
prion
prion
Cross site request forgery (csrf)
2012-04-06 18:55:00
cvelist
cvelist
CVE-2012-1237
2012-04-06 18:00:00
nvd
nvd
CVE-2012-1237
2012-04-06 18:55:01
cve
cve
CVE-2012-1237
2012-04-06 18:55:01
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
52.7%
Related for JVN:44913777