5 matches found
EUVD-2014-3564
Malware in sbrugna...
PT-2021-22896 · Unknown · Livehelperchat
Name of the Vulnerable Software and Affected Versions: livehelperchat; affected versions not specified. Description: The issue is related to Cross-Site Request Forgery (CSRF), which allows an attacker to log out a user if the logged-in user visits the attacker's website. This cannot harm the user's...
Cross-Site Request Forgery (CSRF) in bookstackapp/bookstack
Description: An attacker is able to log out a user if a logged-in user visits the attacker's website. Impact: This vulnerability is capable of forcing a user into an unintentional logout. Test: Tested on Edge, Firefox, Chrome and Safari. Fix: You should use POST instead of GET. To expand: One way GET could be abused...
CVE-2016-2965
IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote attacker could force the user to log out of Sametime. IBM X-Force ID: 113846...
IBM Emptoris Strategic Supply Management Platform Denial of Service Vulnerability
IBM Emptoris Strategic Supply Management is a common Web-based portal access to the Emptoris suite of products management platform from IBM. A security vulnerability exists in the authentication feature in IBM Emptoris Strategic Supply Management versions 10.0.0.x through 10.1.1.x. The...