Back to search
CVE-2013-4555
Published: Nov 15, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-2794
vendor-advisory
x_refsource_DEBIAN
http://www.spip.net/fr_article5646.html
x_refsource_CONFIRM
1029317
vdb-entry
x_refsource_SECTRACK
http://core.spip.org/projects/spip/repository/revisions/20874
x_refsource_CONFIRM
[oss-security] 20131110 Re: CVE Request: multiple vulnerabilities in spip
mailing-list
x_refsource_MLIST
55551
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now