Lucene search
HistoryMay 20, 2006 - 3:02 a.m.
CVE-2006-2495
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
84.9%
Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity before 1.0-beta3 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag.
Affected configurations
Node
s9yserendipityMatch0.3
ORs9yserendipityMatch0.4
ORs9yserendipityMatch0.5
ORs9yserendipityMatch0.5_pl1
ORs9yserendipityMatch0.6
ORs9yserendipityMatch0.6_pl3
ORs9yserendipityMatch0.7
ORs9yserendipityMatch0.7.1
ORs9yserendipityMatch0.8
ORs9yserendipityMatch0.8.1
ORs9yserendipityMatch0.8.2
ORs9yserendipityMatch0.8.3
ORs9yserendipityMatch0.8.4
ORs9yserendipityMatch0.8.5
ORs9yserendipityMatch0.9
ORs9yserendipityMatch0.9.1
ORs9yserendipityMatch1.0_beta1
ORs9yserendipityMatch1.0_beta2
Related
cve
cve
CVE-2006-2495
2006-05-20 03:02:00
prion
prion
Cross site request forgery (csrf)
2006-05-20 03:02:00
cvelist
cvelist
CVE-2006-2495
2006-05-20 02:59:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
84.9%
Related for NVD:CVE-2006-2495