Lucene search
MitreCVELIST:CVE-2015-6973HistorySep 16, 2015 - 7:00 p.m.
CVE-2015-6973
2015-09-1619:00:00
mitre
www.cve.org
2
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafted request to user-create.jsp, (3) edit server settings or (4) disable SSL on the server via a crafted request to server-props.jsp, or (5) add clients via a crafted request to plugins/clientcontrol/permitted-clients.jsp.
Related
checkpoint_advisories
checkpoint_advisories
prion
prion
Cross site request forgery (csrf)
2015-09-16 19:59:00
packetstorm
packetstorm
Openfire 3.10.2 Cross Site Request Forgery
2015-09-14 00:00:00
exploitdb
exploitdb
Openfire 3.10.2 - Cross-Site Request Forgery
2015-09-15 00:00:00
cve
cve
CVE-2015-6973
2015-09-16 19:59:01
nvd
nvd
CVE-2015-6973
2015-09-16 19:59:01
openvas
openvas
OpenFire <= 3.10.2 Multiple Vulnerabilities
2015-10-19 00:00:00
gentoo
gentoo
Openfire: Multiple vulnerabilities
2016-12-31 00:00:00
archlinux
archlinux
[ASA-201612-21] openfire: multiple issues
2016-12-23 00:00:00
nessus
nessus
GLSA-201612-50 : Openfire: Multiple vulnerabilities
2017-01-03 00:00:00