4 matches found
CVE-2013-4555
Cross-site request forgery CSRF vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors...
CVE-2013-4555
Cross-site request forgery CSRF vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors...
CVE-2013-4555
SPIP’s CSRF flaw CVE-2013-4555 affects action/logout.php in SPIP versions before 2.1.24. An attacker can hijack a user’s session by sending a logout request via unspecified vectors, enabling partial confidentiality/integrity/availability impact as described in the CVE entry. Multiple connected fe...
CVE-2013-4555
Cross-site request forgery CSRF vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors...