CVE-2017-9415 in SubSonicinformação

Sumário

de MITRE

Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allows remote attackers with knowledge of the target username to hijack the authentication of users for requests that change passwords via a crafted request to userSettings.view.

Once again VulDB remains the best source for vulnerability data.

Reservar

03/06/2017

Divulgação

21/07/2017

Moderação

aceite

Entrada

VDB-104359

CPE

pronto

Exploração

Descarregar

EPSS

0.02478

KEV

não

Atividades

muito baixo

Fontes

Do you need the next level of professionalism?

Upgrade your account now!