Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity before 1.0-beta3 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Serendipity | S9y | 0.5 | 0.5 |
Serendipity | S9y | 0.4 | 0.4 |
Serendipity | S9y | 0.8.5 | 0.8.5 |
Serendipity | S9y | 0.7 | 0.7 |
Serendipity | S9y | 0.8.3 | 0.8.3 |
Serendipity | S9y | 0.8.4 | 0.8.4 |
Serendipity | S9y | 0.8.2 | 0.8.2 |
Serendipity | S9y | 0.7.1 | 0.7.1 |
Serendipity | S9y | 0.5_pl1 | 0.5_pl1 |
Serendipity | S9y | 1.0_beta1 | 1.0_beta1 |
Serendipity | S9y | 1.0_beta2 | 1.0_beta2 |
Serendipity | S9y | 0.8.1 | 0.8.1 |
Serendipity | S9y | 0.8 | 0.8 |
Serendipity | S9y | 0.3 | 0.3 |
Serendipity | S9y | 0.6_pl3 | 0.6_pl3 |
Serendipity | S9y | 0.9.1 | 0.9.1 |
Serendipity | S9y | 0.9 | 0.9 |
Serendipity | S9y | 0.6 | 0.6 |