CVE

Id
64502  
CVE No.
CVE-2013-4555  
Status
Candidate  
Description
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.  
Phase
Assigned (20130612)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
635781 64502 CVE-2013-4555 MLIST:[oss-security] 20131110 Re: CVE Request: multiple vulnerabilities in spip  View
635782 64502 CVE-2013-4555 URL:http://www.openwall.com/lists/oss-security/2013/11/10/4  View
635783 64502 CVE-2013-4555 CONFIRM:http://core.spip.org/projects/spip/repository/revisions/20874  View
635784 64502 CVE-2013-4555 CONFIRM:http://www.spip.net/fr_article5646.html  View
635785 64502 CVE-2013-4555 DEBIAN:DSA-2794  View
635786 64502 CVE-2013-4555 URL:https://www.debian.org/security/2013/dsa-2794  View
635787 64502 CVE-2013-4555 SECTRACK:1029317  View
635788 64502 CVE-2013-4555 URL:http://www.securitytracker.com/id/1029317  View
635789 64502 CVE-2013-4555 SECUNIA:55551  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
23617 JVNDB-2013-005192 lighttpd におけるサービス運用妨害 (DoS) の脆弱性 lighttpd には、解放済みメモリの使用 (Use-after-free) により、サービス運用妨害 (セグメンテーション違反およびクラッシュ) 状態にされる脆弱性が存在します。 CVE-2013-4560 64502 2.6 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005192.html  View