Lucene search
HistoryMay 20, 2006 - 3:02 a.m.
CVE-2006-2495
cve-2006-2495
csrf
vulnerability
serendipity
entry manager
unauthorized actions
remote attackers
img tag
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
84.9%
Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity before 1.0-beta3 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag.
Affected configurations
Node
s9yserendipityMatch0.3
ORs9yserendipityMatch0.4
ORs9yserendipityMatch0.5
ORs9yserendipityMatch0.5_pl1
ORs9yserendipityMatch0.6
ORs9yserendipityMatch0.6_pl3
ORs9yserendipityMatch0.7
ORs9yserendipityMatch0.7.1
ORs9yserendipityMatch0.8
ORs9yserendipityMatch0.8.1
ORs9yserendipityMatch0.8.2
ORs9yserendipityMatch0.8.3
ORs9yserendipityMatch0.8.4
ORs9yserendipityMatch0.8.5
ORs9yserendipityMatch0.9
ORs9yserendipityMatch0.9.1
ORs9yserendipityMatch1.0_beta1
ORs9yserendipityMatch1.0_beta2
Related
nvd
nvd
CVE-2006-2495
2006-05-20 03:02:00
prion
prion
Cross site request forgery (csrf)
2006-05-20 03:02:00
cvelist
cvelist
CVE-2006-2495
2006-05-20 02:59:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
84.9%
Related for CVE-2006-2495