CVE-2014-8773 in Revolutioninfo

Summary

MODX Revolution 2.x before 2.2.15 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism by (1) omitting the CSRF token or via a (2) long string in the CSRF token parameter.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

11/13/2014

Disclosure

12/03/2014

Moderation

VulDB entry created

Entries

1: VDB-73071

CPE

ready

CWE

CWE-352 (Confirmed)

Exploit

Download

CVSS

6.3

EPSS

0.00225

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-8773
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-8773
CVE Details	https://www.cvedetails.com/cve/CVE-2014-8773/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!