Lucene search
MitreCVE-2013-7209HistoryDec 30, 2013 - 3:30 p.m.
CVE-2013-7209
2013-12-3015:30:16
CWE-352
mitre
web.nvd.nist.gov
27
csrf
vulnerability
jforum
admin module
hijacking authentication
user group permissions
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.01
Percentile
83.8%
Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote attackers to hijack the authentication of administrators for requests that change the user group permissions of arbitrary users via a groupsSave action.
Affected configurations
Node
jforumjforumMatch-
Related
packetstorm
packetstorm
JForum Cross Site Request Forgery
2013-12-26 00:00:00
seebug
seebug
JForum login.page adminUsersๆจกๅiyonghuๆ้่ทจ็ซ่ฏทๆฑไผช้ ๆผๆด
2013-12-30 00:00:00
cvelist
cvelist
CVE-2013-7209
2013-12-30 15:00:00
nvd
nvd
CVE-2013-7209
2013-12-30 15:30:16
exploitdb
exploitdb
JForum 'adminUsers' Module - Cross-Site Request Forgery
2013-12-26 00:00:00
prion
prion
Cross site request forgery (csrf)
2013-12-30 15:30:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.01
Percentile
83.8%
Related for CVE-2013-7209