CVE Vulnerabilities

CVE-2006-2495

Published: May 20, 2006 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity before 1.0-beta3 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag.

Affected Software

Name Vendor Start Version End Version
Serendipity S9y 0.5 0.5
Serendipity S9y 0.4 0.4
Serendipity S9y 0.8.5 0.8.5
Serendipity S9y 0.7 0.7
Serendipity S9y 0.8.3 0.8.3
Serendipity S9y 0.8.4 0.8.4
Serendipity S9y 0.8.2 0.8.2
Serendipity S9y 0.7.1 0.7.1
Serendipity S9y 0.5_pl1 0.5_pl1
Serendipity S9y 1.0_beta1 1.0_beta1
Serendipity S9y 1.0_beta2 1.0_beta2
Serendipity S9y 0.8.1 0.8.1
Serendipity S9y 0.8 0.8
Serendipity S9y 0.3 0.3
Serendipity S9y 0.6_pl3 0.6_pl3
Serendipity S9y 0.9.1 0.9.1
Serendipity S9y 0.9 0.9
Serendipity S9y 0.6 0.6

References