Description

The HTML_Quickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token.

Remediation

References

CVE-2015-7364

Related Vulnerabilities

WordPress Plugin Mapplic Lite Server-Side Request Forgery (1.0)

PHP Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)

PrestaShop Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-4792)

MySQL CVE-2014-4258 Vulnerability (CVE-2014-4258)

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4191)

Severity

Medium

Classification

CVE-2015-7364 CWE-352

Tags

Missing Update Known Vulnerabilities