Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 and earlier allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag to serendipity_admin.php.
References
| Link | Resource |
|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037580.html | Exploit Patch Vendor Advisory |
| http://marc.info/?l=bugtraq&m=112801570631203&w=2 | |
| http://secunia.com/advisories/17011/ | Patch Vendor Advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/22456 | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037580.html | Exploit Patch Vendor Advisory |
| http://marc.info/?l=bugtraq&m=112801570631203&w=2 | |
| http://secunia.com/advisories/17011/ | Patch Vendor Advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/22456 |
Configurations
History
21 Nov 2024, 00:01
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037580.html - Exploit, Patch, Vendor Advisory | |
| References | () http://marc.info/?l=bugtraq&m=112801570631203&w=2 - | |
| References | () http://secunia.com/advisories/17011/ - Patch, Vendor Advisory | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/22456 - |
Information
Published : 2005-10-04 22:02
Updated : 2024-11-21 00:01
NVD link : CVE-2005-3129
Mitre link : CVE-2005-3129
CVE.ORG link : CVE-2005-3129
JSON object : View
Products Affected
s9y
- serendipity
CWE