Description

Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity before 1.0-beta3 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag.

Remediation

References

CVE-2006-2495

Related Vulnerabilities

WordPress Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-29447)

Oracle Database Server CVE-2006-0267 Vulnerability (CVE-2006-0267)

WordPress Plugin Admin username changer Unspecified Vulnerability (1.0)

WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (6.4)

Jenkins Improper Authentication Vulnerability (CVE-2018-1999045)

Severity

High

Classification

CVE-2006-2495

Tags

Missing Update Known Vulnerabilities