NVD

Id
42898  
Name
CVE-2012-0829  
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Mibew Messenger 1.6.4 and earlier allow remote attackers to hijack the authentication of operators for requests that insert cross-site scripting (XSS) sequences via the (1) address or (2) threadid parameters to operator/ban.php; or (3) geolinkparams, (4) title, or (5) chattitle parameters to operator/settings.php.  
Reject
 
CVSS Version
2  
CVSS Score
6  
Severity
Medium  
CVSS Base Score
6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-02-13  
Modified Date
2012-02-14  
Seq
2012-0829  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
215861 42898 CVE-2012-0829 20120130 Mibew messenger multiple XSS  View
215862 42898 CVE-2012-0829 http://www.codseq.it/advisories/mibew_messenger_multiple_xss  View
215863 42898 CVE-2012-0829 [oss-security] 20120202 Re: XSS hiding CSRF (was: Re: Mibew messenger multiple XSS)  View
215864 42898 CVE-2012-0829 51723  View
215865 42898 CVE-2012-0829 mibew-webinterface-csrf(72822)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
25697 JVNDB-2012-001404 Mibew Messenger におけるクロスサイトリクエストフォージェリの脆弱性 Mibew Messenger には、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2012-0829 54067 CVE-2012-0829 42898 6 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001404.html 2012-02-14 2012-02-15 View