5 matches found
CVE-2013-4889
Multiple cross-site request forgery CSRF vulnerabilities in index.php in Digital Signage Xibo 1.4.2 allow remote attackers to hijack the authentication of administrators for requests that 1 add a new administrator via the AddUser action or 2 conduct cross-site scripting XSS attacks, as demonstrat...
CVE-2013-4889
Multiple cross-site request forgery CSRF vulnerabilities in index.php in Digital Signage Xibo 1.4.2 allow remote attackers to hijack the authentication of administrators for requests that 1 add a new administrator via the AddUser action or 2 conduct cross-site scripting XSS attacks, as demonstrat...
CVE-2013-4889
CVE-2013-4889 is a vulnerability in Digital Signage Xibo 1.4.2 where CSRF in index.php can hijack administrator sessions by performing actions such as adding a new administrator via the AddUser action. The entry aggregates related issues, noting that this vulnerability enables requests performed ...
Xibo - Cross-Site Request Forgery
Xibo - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/62064/info Xibo is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks...
CVE-2013-4889
creationtimestamp| type| source ---|---|--- 2013-08-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38746...