CVE Vulnerabilities

CVE-2010-5087

Published: Aug 26, 2012 | Modified: Aug 27, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators via vectors related to form action requests using a controller.

Affected Software

Name Vendor Start Version End Version
Silverstripe Silverstripe 2.3.4 2.3.4
Silverstripe Silverstripe 2.3.0 2.3.0
Silverstripe Silverstripe 2.3.7 2.3.7
Silverstripe Silverstripe 2.3.10 2.3.10
Silverstripe Silverstripe 2.3.1 2.3.1
Silverstripe Silverstripe 2.3.0 2.3.0
Silverstripe Silverstripe 2.3.3 2.3.3
Silverstripe Silverstripe 2.3.8 2.3.8
Silverstripe Silverstripe 2.3.1 2.3.1
Silverstripe Silverstripe 2.3.1 2.3.1
Silverstripe Silverstripe 2.3.5 2.3.5
Silverstripe Silverstripe 2.3.9 2.3.9
Silverstripe Silverstripe 2.3.6 2.3.6
Silverstripe Silverstripe 2.3.0 2.3.0
Silverstripe Silverstripe 2.3.2 2.3.2
Silverstripe Silverstripe 2.3.0 2.3.0

References