CVE-2015-4619

Description

Cross-site request forgery (CSRF) vulnerability in Spina before commit bfe44f289e336f80b6593032679300c493735e75.

Related CPE's

a denkgroot spina ********

References

https://github.com/denkGroot/Spina/commit/bfe44f289e336f80b6593032679300c493735e75

Issue TrackingPatchThird Party Advisory

Third Party AdvisoryVDB Entry

[oss-security] 20150616 Re: Cross-Site Request Forgery in Spina CMS

Mailing ListPatchThird Party Advisory

CvssV3 impact

BaseSeverity	HIGH
ConfidentialityImpact	HIGH
AttackComplexity	LOW
Scope	UNCHANGED
AttackVector	NETWORK
AvailabilityImpact	HIGH
IntegrityImpact	HIGH
PrivilegesRequired	NONE
BaseScore	8.8
VectorString	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Version	3.0
UserInteraction	REQUIRED

CvssV2 impact

Version	2.0
VectorString	AV:N/AC:M/Au:N/C:P/I:P/A:P
AccessVector	NETWORK
AccessComplexity	MEDIUM
Authentication	NONE
ConfidentialityImpact	PARTIAL
IntegrityImpact	PARTIAL
AvailabilityImpact	PARTIAL
BaseScore	6.800000190734863

Created by Yello

About Severity.io