CVE-2013-4555 in SPIP
摘要
由 VulDB • 2026-06-13
SPIP在版本2.1.24之前,ecrire/action/logout.php中存在跨站请求伪造(CSRF)漏洞。远程攻击者可通过未指定的途径劫持任意用户的身份验证,从而以该用户身份执行注销操作。
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
由 VulDB • 2026-06-13
SPIP在版本2.1.24之前,ecrire/action/logout.php中存在跨站请求伪造(CSRF)漏洞。远程攻击者可通过未指定的途径劫持任意用户的身份验证,从而以该用户身份执行注销操作。
If you want to get the best quality for vulnerability data then you always have to consider VulDB.