Description

comment.php in Serendipity through 2.0.5 allows CSRF in deleting any comments.

Remediation

References

CVE-2017-5475

Related Vulnerabilities

Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.12)

WordPress Plugin wp-picasa-image Cross-Site Scripting (1.0)

WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Cross-Site Scripting (5.8.1)

WordPress Plugin Double Opt-In for Download SQL Injection (2.0.8)

WordPress Plugin Simple Share Buttons Adder Multiple Vulnerabilities (4.4)

Severity

High

Classification

CVE-2017-5475 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities