Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2013-0247

Date: July 30, 2013

Overview

In xwiki-platform versions xwiki-platform-5.0 through xwiki-platform-5.1 are vulnerable to cross-site request forgery in the send message functionality

Details

In xwiki-platform versions xwiki-platform-5.0 through xwiki-platform-5.1 are vulnerable to cross-site request forgery in the send message functionality

Affected Environments

Xwiki-platform-5.0 through xwiki-platform-5.1

Prevention

Upgrade to xwiki-platform-5.2

Language: Java

Good to know:

icon

Cross-Site Request Forgery (CSRF)

CWE-352
icon

Upgrade Version

Upgrade to version xwiki-platform-5.2

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): Low
Availability (A): None

Related Resources (2)

https://github.com/xwiki/xwiki-platform/commit/32c758a76982cee29dfead32f63a79592703b403
https://www.mend.io/vulnerability-database/WS-2013-0247